A cyber surveillance company based in Israel developed a tool to break into Apple iPhones with a never-before-seen technique that has been in use since February, internet security watchdog group Citizen Lab said Monday. The discovery is important because of the critical nature of the vulnerability, which requires no user interaction and affects all versions of Apple’s iOS, OSX, and watchOS, except for those updated Monday. The vulnerability developed by the Israeli firm, named NSO Group, defeats security systems designed by Apple in recent years. Apple said it fixed the vulnerability in Monday’s software update, confirming Citizen Lab’s finding. An Apple spokesperson declined to comment regarding whether the hacking technique came from NSO Group. In a statement to Reuters, NSO did not confirm or deny that it was behind the technique, saying only that it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime.” Citizen Lab said it found the malware on the phone of an unnamed Saudi activist and that the phone had been infected with spyware in February. It is unknown how many other users may have been infected. The intended targets would not have to click on anything for the attack to work. Researchers said they did not believe there would be any visible indication that a hack had occurred. The vulnerability lies in how iMessage automatically renders images. IMessage has been repeatedly targeted by NSO and other cyber arms dealers, prompting Apple to update its architecture. But that upgrade has not fully protected the system. “Popular chat apps are at risk of becoming the soft underbelly of device security. Securing them should be top priority,” said Citizen Lab researcher John Scott-Railton. The U.S. Cybersecurity and Infrastructure Security Agency had no immediate comment. Explosion in attacksCitizen Lab said multiple details in the malware overlapped with prior attacks by NSO, including some that were never publicly reported. One process within the hack’s code was named “setframed,” the same name given in a 2020 infection of a device used by journalists at Al Jazeera, the researchers found. “The security of devices is increasingly challenged by attackers,” said Citizen Lab researcher Bill Marczak. A record number of previously unknown attack methods, which can be sold for $1 million or more, have been revealed this year. The attacks are labeled “zero-day” because software companies had zero days’ notice of the problem. New cybersecurity focusAlong with a surge in ransomware attacks against critical infrastructure, the explosion in such attacks has stoked a new focus on cybersecurity in the White House as well as renewed calls for regulation and international agreements to rein in malicious hacking. As previously reported, the FBI has been investigating NSO, and Israel has set up a senior inter-ministerial team to assess allegations that its spyware has been abused on a global scale. Although NSO has said it vets the governments it sells to, its Pegasus spyware has been found on the phones of activists, journalists and opposition politicians in countries with poor human rights records.
…
популярні новини
SpaceX is set to launch four people into space Wednesday on a three-day mission that is the first to orbit the Earth with exclusively private citizens on board, as Elon Musk’s company enters the space tourism fray. The “Inspiration4” mission caps a summer that saw billionaires Richard Branson and Jeff Bezos cross the final frontier, on Virgin Galactic and Blue Origin spaceships respectively, a few days apart in July. The SpaceX flight has been chartered by American billionaire Jared Isaacman, the 38-year-old founder and CEO of payment processing company Shift4 Payment. He is also a seasoned pilot. The exact price he paid SpaceX hasn’t been disclosed, but it runs into the tens of millions of dollars. The mission itself is far more ambitious in scope than the few weightless minutes Virgin Galactic and Blue Origin customers can buy. The SpaceX Crew Dragon will be flying further than the orbit of the International Space Station. “The risk is not zero,” said Isaacman in an episode of a Netflix documentary about the mission. “You’re riding a rocket at 17,500 miles (28,000 kilometers) per hour around the Earth. In that kind of environment there’s risks.” SpaceX has already given no fewer than ten astronauts rides to the ISS on behalf of NASA — but this will be the first time taking non-professional astronauts. Lift-off is scheduled for Wednesday from 8:00 pm Eastern Time (0000 GMT) from launch pad 39A, at NASA’s Kennedy Center in Florida, from where the Apollo missions to the Moon took off. ‘Are we going to the Moon?’In addition to Isaacman, who is the mission commander, three non-public figures were selected for the voyage via a process that was first advertised at the Super Bowl in February. Each crew member was picked to represent a pillar of the mission. The youngest, Hayley Arceneaux, is a childhood bone cancer survivor, who represents “hope.” She will become the first person with a prosthetic to go to space. “Are we going to the Moon?” she asked, when she was offered her spot. “Apparently people haven’t gone there in decades. I learned that,” she laughed, in the documentary. The 29-year-old was picked because she works as a Physician Assistant in Memphis for St. Jude’s Hospital, the charitable beneficiary of Inspiration4. One of the donors secured the seat of “generosity”: Chris Sembroski, 42, is a former US Air Force veteran who now works in the aviation industry. The last seat represents “prosperity” and was offered to Sian Proctor, a 51-year-old earth science professor who, in 2009, narrowly missed out on becoming a NASA astronaut. She will be only the fourth African American woman to go to space. Months of trainingThe crew’s training has lasted months and has included experiencing high G force on a centrifuge — a giant arm that rotates rapidly. They have also gone on parabolic flights to experience weightlessness for a few seconds and completed a high altitude, snowy trek on Mount Rainier in the northwestern United States. They spent time at the SpaceX base, though the flight itself will be fully autonomous. Over the three days of orbit, their sleep, heart rate, blood and cognitive abilities will be analyzed. Tests will be carried out before and after the flight to study the effect of the trip on their body. The idea is to accumulate data for future missions with private passengers. The stated goal of the mission is to make space accessible for more people, although space travel remains for the moment only partially open to a privileged few. “In all of human history, fewer than 600 humans have reached space,” said Isaacman. “We are proud that our flight will help influence all those who will travel after us.”
…