Sign In

Communications of the ACM

ACM News

Apple Issues Emergency Security Updates to Close a Spyware Flaw


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Using an iPhone.

Apple products, including iPhones, have been vulnerable since at least March.

Credit: Loic Venance/Agence France-Presse Getty Images

Apple issued emergency software updates for a critical vulnerability in its products on Monday after security researchers uncovered a flaw that allows highly invasive spyware from Israel's NSO Group to infect anyone's iPhone, iPad, Apple Watch or Mac computer without so much as a click.

Apple's security team had worked around the clock to develop a fix since Tuesday, after researchers at Citizen Lab, a cybersecurity watchdog organization at the University of Toronto, discovered that a Saudi activist's iPhone had been infected with an advanced form of spyware from NSO.

The spyware, called Pegasus, used a novel method to invisibly infect Apple devices without victims' knowledge. Known as a "zero click remote exploit," it is considered the Holy Grail of surveillance because it allows governments, mercenaries and criminals to secretly break into someone's device without tipping the victim off.

From The New York Times
View Full Article

 


 

No entries found