Conversation

Notices

nixCraft 🐧 (nixcraft@mastodon.social)'s status on Friday, 08-Sep-2023 12:32:09 JST nixCraft 🐧

Apple has just issued an update for Apple products including iPhones, iPads, Mac computers, and Apple Watches. This fixes iPhone Zero-Click, Zero-Day exploit captured in the wild https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/
https://support.apple.com/en-us/HT213905 Update your iOS ASAP. #infosec #security
In conversation about a year ago from mastodon.social permalink
Attachments
1. BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild - The Citizen Lab
  
  from @jsrailton
  
  Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington DC-based civil society organization with international offices. We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim.
2. About the security content of iOS 16.6.1 and iPadOS 16.6.1
  
  This document describes the security content of iOS 16.6.1 and iPadOS 16.6.1.
- nixCraft 🐧 (nixcraft@mastodon.social)'s status on Friday, 08-Sep-2023 17:01:09 JST nixCraft 🐧
  in reply to
  - jaKa Močnik
  - ↫❦ Noptisun ❦↬
  @jkmcnk @Noptisun i think that one targets Windows machine only. The apple on is from NSO group that targets mobile operating systems https://en.wikipedia.org/wiki/NSO_Group
  In conversation about a year ago permalink
  Attachments
  1. NSO Group
    
    NSO Group Technologies (NSO standing for Niv, Shalev and Omri, the names of the company's founders) is an Israeli cyber-intelligence firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones. It employed almost 500 people as of 2017.NSO claims that it provides authorized governments with technology that helps them combat terror and crime. The company says that it deals with government clients only. Pegasus spyware is classified as a weapon by Israel and any export of the technology must be approved by the government.According to several reports, NSO Group spyware has been used to target human rights activists and journalists in various countries, was used for state espionage against Pakistan, for warrantless domestic surveillance of Israeli citizens by Israeli police, and played a role in the murder of Saudi dissident Jamal Khashoggi by agents of the Saudi government.In 2019, instant messaging company WhatsApp and its parent company Meta Platforms (then known as Facebook) sued NSO under the United States Computer Fraud and Abuse Act. In 2021,...
- jaKa Močnik (jkmcnk@mastodon.social)'s status on Friday, 08-Sep-2023 17:01:10 JST jaKa Močnik
  in reply to
  - ↫❦ Noptisun ❦↬
  @Noptisun @nixCraft I guess it is related to the NK campaign tracked by google tag https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/
  In conversation about a year ago permalink
  Attachments
  1. Active North Korean campaign targeting security researchers
    
    Threat Analysis Group shares findings on a new campaign by North Korean actors targeting security researchers.
- ↫❦ Noptisun ❦↬ (noptisun@twiukraine.com)'s status on Friday, 08-Sep-2023 17:01:11 JST ↫❦ Noptisun ❦↬
  in reply to
  
  @nixCraft something's up again? That's too often happening to the system that is so locked down right out of the box.
  
  In conversation about a year ago permalink

Public

Conversation

Notices

Feeds