But NSO’s new zero-click method makes the discovery of spyware by journalists and cybersecurity researchers much harder. The patches came a day before Apples splashy fall event that. Those links made it possible for journalists and researchers at organizations like Citizen Lab to investigate the possible presence of spyware. Apple also released WatchOS 7.6.2, MacOS Big Sur 11.6 and a security update for MacOS Catalina to address the vulnerability. NSO’s clients previously infected their targets using text messages that cajoled victims into clicking on links. Sales of spyware are locked up in nondisclosure agreements and are frequently rolled into classified programs, with limited, if any, oversight. In July, ransomware criminals used a zero day in software sold by the tech company Kaseya to bring down the networks of some 1,000 companies.įor years, the spyware industry has been a black box. This year, Chinese hackers were caught using zero days in Microsoft Exchange to steal emails and plant ransomware. This year marks a record for the discovery of so-called zero days, secret software flaws like the one that NSO used to install its spyware. Shalev Hulio, a co-founder of NSO Group, vehemently denied the list’s accuracy, telling The Times, “This is like opening up the white pages, choosing 50,000 numbers and drawing some conclusion from it.” It also included 14 heads of state, including President Emmanuel Macron of France, President Cyril Ramaphosa of South Africa, Prime Minister Mostafa Madbouly of Egypt, Prime Minister Imran Khan of Pakistan, Saad-Eddine El Othmani, who until recently was the prime minister of Morocco, and Charles Michel, the head of the European Council. Apple said it intends to launch new security defenses for its iMessage texting application in its next iOS 15 software update, expected later this year. The company has previously acknowledged similarly serious flaws and, in what Strafach estimated to be perhaps a dozen occasions, has noted that it was aware of reports that such security holes had been exploited.Let Us Help You Protect Your Digital LifeĪmong those listed were Azam Ahmed, who had been the Mexico City bureau chief for The Times and who has reported widely on corruption, violence and surveillance in Latin America, including on NSO itself and Ben Hubbard, The Times’s bureau chief in Beirut, Lebanon, who has investigated rights abuses and corruption in Saudi Arabia and wrote a recent biography of the Saudi crown prince, Mohammed bin Salman. More than 1.65 billion Apple products in use globally have been susceptible to the spyware since at least March. Researchers at the University of Toronto’s Citizen Lab said the security issue was exploited to plant the spyware on a Saudi activist. Security researcher Will Strafach said he had seen no technical analysis of the vulnerabilities that Apple has just patched. This will trigger the patch to quickly update the device. Its spyware is known to have been used in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human rights activists. Apple Issues Emergency Security Updates to Close a Spyware Flaw Researchers at Citizen Lab found that NSO Group, an Israeli spyware company, had infected Apple products without so much as a click. Apple will likely announce iOS 15’s release date tomorrow at the California Streaming Special Event. This is the Holy Grail of surveillance capabilities and you are vulnerable until you update. The update is available now and will be arriving to compatible devices over-the-air soon. NSO Group has been blacklisted by the U.S. Apple Issues Emergency Security Updates to Close a Spyware Flaw Summary by Ground News Apple have released iOS 14.8 to all iPhone and iPod touch devices. This will trigger the patch to quickly update the device. In all cases, it cited an anonymous researcher.Ĭommercial spyware companies such as Israel’s NSO Group are known for identifying and taking advantage of such flaws, exploiting them in malware that surreptitiously infects targets’ smartphones, siphons their contents and surveils the targets in real time. Think twice before sharing it.Īpple did not say in the reports how, where or by whom the vulnerabilities were discovered. Digital Replica Edition Home Page Close MenuĮveryone wants your email address. said it patched a security flaw in its Messages app after security researchers determined that Israel-based NSO Group used it to exploit and infect the latest devices with spyware.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |