Security Alerts & News
by Tymoteusz A. Góral

History
#1367 NSO group’s iPhone zero-days used against a UAE human rights defender
Ahmed Mansoor is an internationally recognized human rights defender, based in the United Arab Emirates (UAE), and recipient of the Martin Ennals Award (sometimes referred to as a “Nobel Prize for human rights”). On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising “new secrets” about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based “cyber war” company that sells Pegasus, a government-exclusive “lawful intercept” spyware product. NSO Group is reportedly owned by an American venture capital firm, Francisco Partners Management.

The ensuing investigation, a collaboration between researchers from Citizen Lab and from Lookout Security, determined that the links led to a chain of zero-day exploits (“zero-days”) that would have remotely jailbroken Mansoor’s stock iPhone 6 and installed sophisticated spyware. We are calling this exploit chain Trident. Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements.
Read more
#1370 Experts challenge Skyhigh's patent for cloud-based encryption gateway
#1369 New open source ransomware based on hidden tear and EDA2 may target businesses
#1368 Sony finally enables 2FA for PlayStation Network users
#1367 NSO group’s iPhone zero-days used against a UAE human rights defender
#1366 VMware patches flaws in identity and cloud products
#1365 Keystroke recognition uses WiFi signals to snoop
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12