[ad_1]
According to security researchers, the vulnerability disclosed by Citizen Lab on Monday allows hackers to use NSO’s malware Pegasus to access devices owned by Saudi activists.
go through Bloomberg
Apple said it has fixed a security vulnerability in the Messages application on all of its major devices, and security researchers say the vulnerability has been actively exploited by the Israel-based NSO Group.
According to security researchers, the vulnerability disclosed by Citizen Lab on Monday allows hackers to use NSO’s malware Pegasus to access devices owned by Saudi activists. Apple stated that if a user of a vulnerable device receives a “maliciously crafted” PDF file, the vulnerability may be exploited.
The malware does not require the victim to participate in the file. According to a report issued by the Citizens Laboratory of the University of Toronto’s network research department, it was enough to infect their devices.
The iPhone manufacturer stated on its website: “Apple is aware of reports that this issue may have been actively exploited.”
Apple is patching bugs on iPhone, iPad, Mac, and Apple Watch through software updates for iOS 14.8, iPadOS 14.8, macOS 11.6, and watchOS 7.6.2. The software release was released the day before Apple’s September 14 product launch, which may stimulate the release of iOS 15. This is Apple’s next major software update that will include additional security protections.
“NSO Group will continue to provide life-saving technologies to intelligence and law enforcement agencies around the world to combat terrorism and crime,” the company said in a statement.
After the spyware of the NSO Group was discovered in the phone calls of activists and reporters criticizing the authoritarian regime, it has been repeatedly criticized by Citizen Lab and other organizations. The NSO Group insists that spyware is designed to combat terrorism and crime, not to help violate human rights.
After Apple’s stock price closed at $149.55 in New York, there was almost no change in after-hours trading.
[ad_2]
Source link