Apple Releases Emergency OS X Fix, Urges Users To Update
By Jef Cozza / Enterprise Security Today
Published: September 2, 2016

Tech giant Apple released emergency OS X security updates yesterday -- Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite -- to address the same three zero-day exploits as last week’s security update for iOS. Those vulnerabilities, known collectively as the Trident vulnerabilities, are being actively used by “cyber warfare” company NSO Group Technologies.

The exploits were first discovered a week ago by researchers at digital security groups Citizen Lab and Lookout Security. “The Trident vulnerabilities used by NSO could have been weaponized against users of non-iOS devices, including OSX,” Citizen Lab wrote in its announcement. “We encourage all Apple users to install the update as soon as possible.”

A Three-Pronged Attack

The Trident vulnerabilities give the NSO Group three ways to attack a target device: they can convince a target to visit a malicious Web site using the Safari browser, which could lead to arbitrary code execution; an application can be made to disclose kernel memory; or an application can be made to execute arbitrary code on the device with kernel privileges.

Those three exploits could essentially allow a hacker to install any type of malware on a victim’s device to spy on the target, or even take full control of the device.

The Trident vulnerabilities came to light after an attempt was made to attack the iPhone of Ahmed Mansoor, a human rights activist based in the United Arab Emirates (UAE). “On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising ‘new secrets’ about detainees tortured in UAE jails if he clicked on an included link,” Citizen Lab wrote on its Web site. Instead of clicking on the link, Mansoor sent the messages to Citizen Lab to investigate.

Who’s the Culprit?

Citizen Lab said the links it received belonged to a collection of exploits connected with the NSO Group. Although based in Israel, the NSO Group is believed to be owned by a U.S. venture capital firm, Francisco Partners Management.

The NSO Group is a cyber weapons company that sells exploit packages such as the one used against Mansoor. Among the products sold by the NSO Group is Pegasus, a so-called “lawful intercept” spyware package sold only to governments.

Had Mansoor clicked on the links, the Web site would have installed malware on his iPhone 6 that would have turned it into a combination spy camera and microphone, capable of recording and transmitting images from his camera, audio from his microphone as well as his WhatsApp and Viber calls, and tracking his movements.

Citizen Lab said that the high cost of iPhone zero-days, the apparent use of NSO Group’s government-exclusive Pegasus product, and prior known targeting of Mansoor by the UAE government suggested that the UAE government is the most likely suspect behind the attack.

But the UAE isn't the only actor connected to NSO. The company also reportedly sold its Pegasus spyware to Ricardo Martinelli, the Panamanian billionaire accused of spying on political opponents and journalists.
