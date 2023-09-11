Stad Liewen

Entdeckt nei Technologien an d'Kraaft vun AI

Technology

iPhone Schwachstelle exposéiert Apparater fir Pegasus Spyware Attacken

ByMampho Brescia

Sept 11, 2023
iPhone Schwachstelle exposéiert Apparater fir Pegasus Spyware Attacken

Last week, cybersecurity researchers at the University of Toronto’s Citizen Lab uncovered a critical vulnerability in iPhone devices that was being actively exploited to deliver the Pegasus spyware developed by the NSO Group. The exploit, known as BLASTPASS, allowed attackers to compromise iPhones running the latest version of iOS (16.6) without any interaction from the victim.

The researchers discovered the vulnerability while examining the device of an individual working for a civil society organization based in Washington DC. The attack involved malicious images sent via iMessage from the attacker’s account to the victim’s device using PassKit attachments. Although Citizen Lab believes the attacker made an installation mistake, their discovery prompted them to disclose their findings to Apple.

Apple swiftly responded by releasing patches and assigning two CVEs (Common Vulnerabilities and Exposures) to address the exploit. They also recommended that all users update their devices immediately. Additionally, Apple’s Lockdown Mode, which provides enhanced protection by blocking various types of potentially malicious content, including message attachments and unrecognized Facetime calls, has been confirmed to prevent this particular attack.

According to Ken Westin, a cybersecurity expert at Panther Labs, the disclosure of this vulnerability will likely lead to more widespread exploitation, extending beyond commercial spyware use. He also expressed concerns about the lack of transparency from NSO regarding the targets of their exploits, highlighting instances where innocent individuals, including journalists and dissidents, have been targeted by authoritarian regimes using Pegasus.

NSO, which has been under scrutiny for alleged surveillance and human rights abuses, declined to respond to the allegations without supporting research. The discovery and swift response by Apple underscore the importance of supporting civil society organizations in the fight against cyber threats and the crucial role of regular software updates in maintaining device security.

Quellen:
- Universitéit Toronto's Citizen Lab
- Reuters

By Mampho Brescia

Verbonnen Post

Technology

Japan fir Methan-Fueled Rakéitemotor fir 2030 Start z'entwéckelen

Sept 16, 2023 Robert Andrew
Technology

Den Entdeckt Samsung Verkaf: Kritt d'Samsung SmartThings Station fir nëmmen $ 1!

Sept 16, 2023 Mampho Brescia
Technology

D'Konscht vum Decluttering: Loosst den Iwwerschoss

Sept 16, 2023 Gabriel Botha

Dir hutt verpasst

Science

Cookies verstoen: Wat Dir musst wëssen

Sept 20, 2023 Mampho Brescia 0 Comments
Science

D'NASA warnt virun der No Approche vum Asteroid 2023 SN1

Sept 20, 2023 Vicky Stavropoulou 0 Comments
Science

D'Roll vun der Mitochondrial DNA an der Mënschereproduktioun

Sept 20, 2023 Robert Andrew 0 Comments
Science

Eng spannend Annular Sonnendäischtert Opportunitéit an Texas State Parks

Sept 20, 2023 Gabriel Botha 0 Comments