Apple patches against alleged NSO Group zero-click exploit used on activists
Apple released a patch Monday against two security vulnerabilities, one of which the Israeli surveillance company NSO Group has exploited, according to researchers. The updated iOS software patches against a zero-click exploit that uses iMessage to launch malicious code, which in turn allows NSO Group clients to infiltrate targets — including the phone of a Saudi activist in March, researchers at Citizen Lab said. The exploit uses a manipulated gif to crash Apple’s image rendering library. It then launches spyware that researchers say shares distinct features with NSO Group’s Pegasus spyware. Researchers have named the exploit “FORCEDENTRY.” Zero-click exploits prove especially dangerous because they don’t require users to open the malicious message or link for hackers to gain access to your phone. Researchers are urging Apple Mac, iPhone and Apple Watch users to immediately update their iOS software. The NSO Group exploit was a zero-day, or previously unknown, vulnerability. It’s […]
The post Apple patches against alleged NSO Group zero-click exploit used on activists appeared first on CyberScoop.
Continue reading Apple patches against alleged NSO Group zero-click exploit used on activists