Three iPhone 0-day used for spyware
The new version IOS 9.3.5 has fixed three vulnerabilities that until now they have been used by a spyware named Pegasus, apparently created by NSO Group, an Israeli cyber-espionage services organization. This spyware seems to have been used in a campaign against human rights activist, Ahmed Mansoor, who lives in the United Arab Emirates.
References:
- 24/08/2016 citizenlab.org The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender
- 25/08/2016 unaaldia.hispasec.com/ http://unaaldia.hispasec.com/2016/08/apple-publica-ios-935-tras-el_25.html
- 25/08/2016 support.apple.com About the security content of iOS 9.3.5
- 25/08/2016 nytimes.com IPhone Users Urged to Update Software After Security Flaws Are Found
- 25/08/2016 wired.com A Hacking Group Is Selling iPhone Spyware to Governments
- 25/08/2016 washingtonpost.com This malware sold to governments could help them spy on iPhones, researchers say
- 25/08/2016 blog.lookout.com Sophisticated, persistent mobile attack against high-value targets on iOS