Thursday, August 25, 2016 11:49:03 PM
...and you people who simply want a sexy product that saves a few seconds at transaction time want us to trust yours and my hard-earner money to this technology?? Why would you??!!
Apple forced to issue a global update of iOS after the discovery of sophisticated malware
APPLE has been forced to issue a global update of its mobile operating system after an established private cyberarms dealer found a way to hack every iPhone in the world.
The hackers from NSO Group developed a sophisticated piece of malware that exploited three previously unknown vulnerabilities in Apple’s iOS.
After learning of the hack, Apple developed a patch with its latest iOS update, which it is advising people to download immediately.
“We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits,” a spokesman told AP.
New joint reports from Citizen Lab and mobile security company Lookout said this was a world first for an attack of this kind in the wild.
Lookout vice president of research Mike Murray said the hack was essentially a remote jailbreak — the process of removing software restrictions imposed by iOS.
“We realised that we were looking at something that no one had ever seen in the wild before,” he told Motherboard.
“Literally a click on a link to jailbreak an iPhone in one step. [It is] one of the most sophisticated pieces of cyberespionage software we’ve ever seen.”
Mr Murray said the malware, codenamed Pegasus, gave attackers full control of the smartphone. “It basically steals all the information on your phone, it intercepts every call, it intercepts every text message, it steals all the emails, the contacts, the FaceTime calls,” he said.
“It also basically backdoors every communications mechanism you have on the phone,”
“It steals all the information in the Gmail app, all the Facebook messages, all the Facebook information, your Facebook contacts, everything from Skype, WhatsApp, Viber, WeChat, Telegram — you name it.”
Since being established in 2010, NSO has become notorious for selling its sophisticated malware to governments.
However, the group largely works in stealth, operating without any web presence other than a LinkedIn profile, which says the company has been 201 and 500 employees.
Citizen Lab researcher Bill Marczak said breaking down the malicious program was compared to “defusing a bomb”.
“It is amazing the level they’ve gone through to avoid detection,” he said. “They have a hair-trigger self-destruct.”
Mr Murray said this is the first time anyone had ever been able to document tools used by NSO. “This is the first time any security researchers, as far as any of us are aware, have ever gotten a copy of NSO Group’s spyware and been able to reverse engineer it,” he told Wired.
“They are a really sophisticated threat actor and the software they have reflects that. They are incredibly committed to stealth.”
The threat was initially found after human rights activist from the United Arab Emirates, Ahmed Mansoor, received a text message offering “new secrets about torture of Emiratis in state prisons” with a link from an unknown number.
Having previously fallen victim to government hackers using commercial spyware products, Mr Mansoor flagged the message with Citizen Lab.
“As a human rights defender in a country that considers such a thing as a threat, an enemy or traitor, I have to be more careful than the average person,” he told Wired. “Such content was enough to trigger all the red flags with me,”
While NSO Group won’t be able to use this particular attack anymore on updated iPhones, it’s likely another won’t be far behind.
Recent SMME News
- Form 10-Q - Quarterly report [Sections 13 or 15(d)] • Edgar (US Regulatory) • 06/10/2024 09:22:17 PM
- Form NT 10-Q - Notification of inability to timely file Form 10-Q or 10-QSB • Edgar (US Regulatory) • 05/15/2024 01:54:15 PM
- Form 10-Q - Quarterly report [Sections 13 or 15(d)] • Edgar (US Regulatory) • 02/21/2024 06:41:03 PM
- Credit Card to Prevent Fraudelent Activities • AllPennyStocks.com • 12/21/2023 08:00:00 PM
- Credit Card to Prevent Fraudulent Activities • AllPennyStocks.com • 12/21/2023 08:00:00 PM
- Form 10-Q - Quarterly report [Sections 13 or 15(d)] • Edgar (US Regulatory) • 11/20/2023 08:30:16 PM
- Form 8-K - Current report • Edgar (US Regulatory) • 11/07/2023 11:00:48 AM
- Form 253G1 - • Edgar (US Regulatory) • 11/06/2023 04:10:16 PM
- Form QUALIF - Notice of Qualification [Regulation A] • Edgar (US Regulatory) • 11/06/2023 05:15:06 AM
- Form 1-A POS - • Edgar (US Regulatory) • 10/20/2023 07:26:28 PM
- Form 10-K/A - Annual report [Section 13 and 15(d), not S-K Item 405]: [Amend] • Edgar (US Regulatory) • 10/19/2023 08:20:09 PM
- Form 10-K/A - Annual report [Section 13 and 15(d), not S-K Item 405]: [Amend] • Edgar (US Regulatory) • 10/18/2023 09:26:13 PM
- Form DEF 14C - Other definitive information statements • Edgar (US Regulatory) • 10/16/2023 10:00:11 AM
- Form 10-K - Annual report [Section 13 and 15(d), not S-K Item 405] • Edgar (US Regulatory) • 10/13/2023 08:58:03 PM
- Form NT 10-K - Notification of inability to timely file Form 10-K 405, 10-K, 10-KSB 405, 10-KSB, 10-KT, or 10-KT405 • Edgar (US Regulatory) • 09/27/2023 07:27:47 PM
- Form PRE 14C - Other preliminary information statements • Edgar (US Regulatory) • 09/26/2023 11:39:30 AM
Glidelogic Corp. Becomes TikTok Shop Partner, Opening a New Chapter in E-commerce Services • GDLG • Jul 5, 2024 7:09 AM
Freedom Holdings Corporate Update; Announces Management Has Signed Letter of Intent • FHLD • Jul 3, 2024 9:00 AM
EWRC's 21 Moves Gaming Studios Moves to SONY Pictures Studios and Green Lights Development of a Third Upcoming Game • EWRC • Jul 2, 2024 8:00 AM
BNCM and DELEX Healthcare Group Announce Strategic Merger to Drive Expansion and Growth • BNCM • Jul 2, 2024 7:19 AM
NUBURU Announces Upcoming TV Interview Featuring CEO Brian Knaley on Fox Business, Bloomberg TV, and Newsmax TV as Sponsored Programming • BURU • Jul 1, 2024 1:57 PM
Mass Megawatts Announces $220,500 Debt Cancellation Agreement to Improve Financing and Sales of a New Product to be Announced on July 11 • MMMW • Jun 28, 2024 7:30 AM