Apple has sent out an urgent update to seal critical hole after a human rights activist was tried hacked.
Apple has now sealed security hole that let spyware listen and give control of iOS devices. It was Ahmed Mansoor who alerted security company Citizen Lab at least widow messages he received on his iPhone.
Laureate
Ahmed Mansoor is an internationally recognized champion of human rights. He has previously received Martin Ennals Award, an award given to the champions of human rights and which is sometimes referred to as “the Nobel Prize for human rights”.
Remote Jailbreak
attack that attempted use of the award-winning menneskerettighetsaktivistens phone is a remote-jailbreak. Put simply would this opened up his phone to install applications not approved by Apple. It is in addition to all of the functions thus would have been open for attackers.
Extremely lucrative
Weaknesses such as this is extremely lucrative for sellers. A genuine “Zero Day Exploit” (zero-day weakness), which is the name given to unknown weaknesses, can be sold for up to 9 million when it affects a larger platform such as iOS. In the case of Mansoor it thus seems that more such “zero-day vulnerabilities” has been put together to create a highly sophisticated attack against activist.
Read also This is widget that Snowden will protect mobiles with
Suspicious message
include BBC report that there were several text messages were sent for iPhone Ahmed Mansoor, who triggered the alarm with apple after Mansoor report. In all, Mansoor tried hacked in three different ways, but there was weakness in SMS attack that has now been addressed.
Had Mansoor followed the link in the text message he received, so would his phone become a “listening post” for attackers where they could use all the functions on the phone. This could for example monitor Mansoor and in his presence, in addition to those he used his phone to communicate with.
Also see : therefore attacks EFF Microsoft and Windows 10
Very sophisticated and rarely
One of the two companies that were involved in the disclosure, Citizen Lab, said that Mansoor received messages 10 and 11 August, the messages promised to reveal secrets about people who were allegedly tortured in prisons in the United Arab Emirates, only he clicked on the provided links.
According to Citizen Lab would Mansoor phone become a digital spy in his pocket, the attackers would have gained complete control over the device.
Citizen Lab also state that they are not aware that an iPhone Jailbreak has been used for such a sophisticated attack, and that weakness is used in an assault campaign such as this makes it all in all is a rare find.
Israeli “cyber war” company
“We recognize links belonging one assault infrastructure connected to the NSO Group, an Israel-based “cyber war” company that sells Pegasus, an authority-exclusive spyware product. NSO Group is reportedly owned by a US investment company Francisco Partners Management, “writes Citizen Lab in its report.
Recommended everyone to update
– We recommend all our customers to always download the latest version of iOS to protect themselves against potential security attacks, said Fred Sainz, spokesman for Apple the New York Times. The update was made available yesterday, Thursday, the version number 9.3.5 and can be installed on both the iPhone and iPad.
BLOG : Norway has an obligation to stop the illegal spying microsoft performs
It is recommended for anyone to update this as soon as possible.
Uncertainty iOS 10
The sudden patch creates little turbulence around those users who are now testing Apple’s next version of iOS. According to a spokesman from Apple that have talked to The Verge that the security gaps that are addressed in 9.3.5 already in place in the latest iOS version 10. It is therefore beta 7, or beta 6 if you are part of the open beta test.
The recommendation is to update to the latest beta version to get the latest updates.
Source:
The Verge
BBC
Citizen Lab
New York Times
No comments:
Post a Comment