Apple Lawsuit Amps Up Pressure on Pegasus Spyware-Maker

In the wake of a zero-click zero-day exploit that was deployed against iPhone users, Apple has filed a lawsuit against NSO Group. The complaint alleges that the maker of the infamous Pegasus mobile spyware is responsible for the illegal surveillance of Apple users. The computing giant is looking...

NYT Journalist Repeatedly Hacked with Pegasus after Reporting on Saudi Arabia

The iPhone of New York Times journalist Ben Hubbard was repeatedly hacked with NSO Group's Pegasus spyware tool over a three-year period stretching between June 2018 to June 2021, resulting in infections twice in July 2020 and June 2021. The University of Toronto's Citizen Lab, which publicized t...

iOS / iPadOS 14.5 Updates: Identify Assets Requiring Update and Take Remote Action with VMDR for Mobile Devices

Apple recently released iOS 14.5 and iPadOS 14.5 which include a security update that addresses almost 50 vulnerabilities including several critical RCE and privilege escalation vulnerabilities. Qualys recommends security teams to immediately update all devices running iOS and iPadOS to the lates...

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System

In an effort to prevent attacks from being launched via its iMessage feature, Apple has debuted a security service called BlastDoor in iOS 14, its current mobile operating system version. First detailed in an analysis this week by Google Project Zero’s Samuel Groß, BlastDoor acts as a “tightly...

Google uncovers new iOS security feature Apple quietly added after zero-day attacks

Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor ," the improved sandbox system for iMessage data was...

A Look at iMessage in iOS 14

Posted By Samuel Groß, Project Zero On December 20, Citizenlab published “The Great iPwn”, detailing how “Journalists were Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit”. Of particular interest is the following note: “We do not believe that the exploit works against iOS 14 and...

Zero-Click Apple Zero-Day Uncovered in Pegasus Spy Attack

Four nation-state-backed advanced persistent threats APTs hacked Al Jazeera journalists, producers, anchors and executives, in an espionage attack leveraging a zero-day exploit for Apple iPhone, researchers said. The attack, carried out in July and August, compromised 36 personal phones belonging...

iPhones of 36 Journalists Hacked Using iMessage Zero-Click Exploit

Three dozen journalists working for Al Jazeera had their iPhones stealthily compromised via a zero-click exploit to install spyware as part of a Middle East cyberespionage campaign. In a new report published yesterday by University of Toronto's Citizen Lab, researchers said personal phones of 36...

Zero-Click exploit allowed attackers to hack any targeted iPhone

By Deeba Ahmed The iOS vulnerability allowed hackers to control your iPhone within radio proximity using AWDL. Here's its demo video. This is a post from HackRead.com Read the original post: Zero-Click exploit allowed attackers to hack any targeted iPhone...

Exploit Reseller Offering Up To $2.5 Million For Android Zero-Days

Well, there's some good news for hackers and vulnerability hunters, though terrible news for Google, Android device manufacturers, and their billions of users worldwide. The zero-day buying and selling industry has recently taken a shift towards Android operating system, offering up to $2.5 milli...

Apple will now pay hackers up to $1 million for reporting vulnerabilities

Apple has just updated the rules of its bug bounty program by announcing a few major changes during a briefing at the annual Black Hat security conference yesterday. One of the most attractive updates is… Apple has enormously increased the maximum reward for its bug bounty program from $200,000 t...