Vanity Fair |
How a Grad Student Found Spyware That Could Control Anybody's iPhone from Anywhere in the World
Vanity Fair FinSpy was quickly identified as part of a spyware product named “FinFisher,” created and marketed by a British company called Gamma Group, which billed FinFisher as a new way for police and intelligence agencies to monitor criminals and spies. |
The Register |
Report: NSA hushed up zero-day spyware tool losses for three years
The Register Sources close to the investigation into how NSA surveillance tools and zero-day exploits ended up in the hands of hackers has found that the agency knew about the loss for three years but didn't want anyone to know. Multiple sources told Reuters last … The NSA's Hubris and the Shadow Brokers 0-day NSA's Failure to Report Shadow Broker Vulnerabilities Underscores Need for Oversight Exclusive: Probe of leaked US NSA hacking tools examines operative's 'mi… |
WIRED |
A Hacking Group Is Selling iPhone Spyware to Governments
WIRED Mansoor, who is based in the United Arab Emirates, has been targeted by lawful intercept surveillance software before, and Citizen Lab worked with him when his devices were compromised by FinFisher's FinSpy malware in 2011, and Hacking Team's … Citizen Lab researchers discover attack on iPhone belonging to UAE activist Spyware attack forces Apple's hand, iOS patch rushed out The Million Dollar Dissident: NSO Group's iPhone Zero-Days used against a UAE Human Rights Defender – The … |
Apple is issuing patches for three iOS zero-day vulnerabilities known as Trident that have been exploited for years by an Israel-based spyware vendor against a human rights activist, an investigative journalist and others.
The attack, called Pegasus, is flexible, letting attackers steal a broad range of data from iPhones and iPads, according to the firms that discovered it.
“In this case, the software is highly configurable: depending on the country of use and feature sets purchased by the user, the spyware capabilities include accessing messages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and others,” according to a blog post by Lookout Security, which, along with Citizen Lab, unearthed the vulnerabilities and Pegasus.
To read this article in full or to leave a comment, please click here