Apple sues ‘abusive’ iPhone spyware firm | Information Age


Apple is suing an “abusive” Israeli software firm whose spyware has been used by numerous totalitarian governments to spy on journalists, human rights activists, and other persons of interest.

The technology giant this month filed a lawsuit against Tel Aviv firm NSO Group and its parent company, Q Cyber Technologies, seeking damages and a permanent ban preventing the group from using any Apple software, services, or devices.

As part of its campaign against NSO, Apple will fund and provide technical support for anti-surveillance technology groups.

NSO’s use of FORCEDENTRY – a now-fixed vulnerability that can bypass security controls in Apple’s iOS operating system – enabled it to install Pegasus spyware on targeted iPhones without the victim’s knowledge.

Once installed, Pegasus monitors iPhone activity and communications over iMessage, FaceTime, and third-party software like Facebook and WhatsApp.

It is putatively designed to support law-enforcement agencies and the company claims to “hold ourselves to the highest standards for ethical businesses”, but its historical sales to governments such as Bahrain, Panama, Dubai, and Saudi Arabia – which used it to surveil Washington Post journalist Jamal Khashoggi before he was murdered – have drawn widespread condemnation.

In July, a major multinational investigation, called the Pegasus Project, united 16 media outlets to investigate NSO Group and found a list of 50,000 journalists and politicians targeted by its clients.

More recently, Pegasus was found on the devices of six Palestinian human-rights activists.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability,” said Apple senior vice president of software engineering Craig Federighi in announcing the lawsuit, which also seeks damages for “flagrant violations of US federal and state law”.

“Private companies developing state-sponsored spyware have become even more dangerous,” Federighi said, lauding the efforts of security researchers at the University of Toronto’s Citizen Lab – who discovered that the ‘zero-click’ Pegasus malware can be…

BabaDeda is out. RATDispenser is out in the wild. Phishing in Farsi. Microsoft bug proofs-of-concept. Apple sues NSO Group.


Attacks, Threats, and Vulnerabilities

New PowerShortShell Stealer Exploits Recent Microsoft MSHTML Vulnerability to Spy on Farsi Speakers (Safebreach) SafeBreach Labs discovered a new Iranian threat actor using a Microsoft MSHTML Remote Code Execution (RCE) exploit for infecting Farsi-speaking victims with a new PowerShell stealer.

The BABADEDA Crypter – an Emerging Crypter targeting the Crypto, NFT, and DeFi communities (Morphisec) Morphisec Labs encountered a new malware called Babadeda targeting cryptocurrency enthusiasts through Discord. We reveal how it can be stopped.

RATDispenser: Stealthy JavaScript Loader Dispensing RATs into the Wild (HP Wolf Security) With an 11% detection rate, RATDispenser appears to be effective at evading security controls and delivering malware.

New JavaScript malware works as a “RAT dispenser” (The Record by Recorded Future) Cybersecurity experts from HP said they discovered a new strain of JavaScript malware that criminals are using as a way to infect systems and then deploy much more dangerous remote access trojans (RATs).

PoC Exploit Published for Latest Microsoft Exchange Zero-Day (SecurityWeek) Proof-of-concept exploit code released for code execution flaw affecting on-prem Exchange 2016 and 2019 installations.

Exchange Server admins advised to patch vulnerable machines after POC exploit released for high-severity bug (Computing) Microsoft has described the flaw as having a high impact on data integrity, confidentiality and availability.

New Security Shock For Millions Of Windows 10, 11 And Server Users (Forbes) A failed November Patch Tuesday fix could leave millions of Windows 10, Windows 11 and Windows Server users at risk of system takeover.

New Windows zero-day with public exploit lets you become an admin (BleepingComputer) A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that gives admin privileges in Windows 10, Windows 11, and Windows Server.

Serious Vulnerability Found in Imunify360 Web Server Security Product (SecurityWeek) A vulnerability in the Imunify360 security suite for web servers can be exploited for remote code execution using specially crafted files.

Recent…

Apple sues NSO Group, company known for hacking iPhones on behalf of governments


Apple on Tuesday sued NSO Group, an Israeli firm that sells software to government agencies and law enforcement that enables them to hack iPhones and read the data on them, including messages and other communications.

Earlier this year, Amnesty International said it discovered recent-model iPhones belonging to journalists and human rights lawyers that had been infected with NSO Group malware called Pegasus.

Apple is seeking a permanent injunction to ban NSO Group from using Apple software, services, or devices. It’s also seeking damages over $75,000.

Apple considers the lawsuit to be a warning to other spyware vendors. “The steps Apple is taking today will send a clear message: in a free society, it is unacceptable to weaponize powerful state-sponsored spyware against innocent users and those who seek to make the world a better place,” said Ivan Krstic, Apple’s head of security engineering and architecture, in a tweet.

NSO Group software permits “attacks, including from sovereign governments that pay hundreds of millions of dollars to target and attack a tiny fraction of users with information of particular interest to NSO’s customers,” Apple said in the lawsuit filed in federal court in the Northern District of California, saying that it is not “ordinary consumer malware.”

Apple also said on Tuesday it has patched the flaws that enabled the NSO Group software to access private data on iPhones using “zero-click” attacks where the malware is delivered through a text message and leaves little trace of infection.

Pegasus’ users can remotely surveil the iPhone owner’s activities, collect emails, text messages and browsing history, and access the device’s microphone and camera, Apple alleged in its lawsuit.

Apple said the attacks were only targeted at a small number of customers, and said on Tuesday it will inform iPhone users that may have been targeted by Pegasus malware.

“To deliver FORCEDENTRY to Apple devices, attackers created Apple IDs to send malicious data to a victim’s device — allowing…

Apple Sues Israeli Spyware Maker NSO Group


An opening for Apple’s lawsuit emerged in March, after NSO’s Pegasus spyware was discovered on the iPhone of a Saudi activist. Citizen Lab discovered that NSO’s Pegasus spyware had infected the iPhone without so much as a click. The spyware could invisibly infect iPhones, Mac computers and Apple Watches, then siphon their data back to government servers, without the target knowing about it.

Citizen Lab called the zero-click infection scheme “Forced Entry” and passed a sample of it to Apple in September. The discovery compelled Apple to issue emergency software updates for its iPhones, iPads, Apple Watches and Mac computers.

The sample of Pegasus gave Apple a forensic understanding of how Pegasus worked. The company found that NSO’s engineers had created more than 100 fake Apple IDs to carry out their attacks. In the process of creating those accounts, NSO’s engineers would have had to agree to Apple’s iCloud Terms and Conditions, which expressly require that iCloud users’ engagement with Apple “be governed by the laws of the state of California.”

The clause helped Apple bring its lawsuit against NSO in the Northern District of California.

“This was in flagrant violation of our terms of service and our customers’ privacy,” said Heather Grenier, Apple’s senior director of commercial litigation. “This is our stake in the ground, to send a clear signal that we are not going to allow this type of abuse of our users.”

After filing its lawsuit Tuesday, Apple said it would offer free technical, threat intelligence and engineering assistance to Citizen Lab and other organizations engaged in rooting out digital surveillance. Apple also said it would donate $10 million, and any damages, to those organizations.

Digital rights experts said Apple’s suit threatened NSO’s survival. “NSO is now poison,” said Ron Deibert, director of Citizen Lab. “No one in their right mind will want to touch that company. But it’s not just one company, this is an industrywide problem.”

He added that the suit could be a step toward more oversight of the unregulated spyware industry.

“Steps like this are useful, but incomplete,” Mr. Deibert said. “We need more action by…
