Groups Similar Look up By Text Browse About



Similar articles
Article Id Title Prob Score Similar Compare
212165 TECHREPUBLIC 2021-7-20:
Your iPhone and the Pegasus spyware hack: What you need to know
1.000 Find similar Compare side-by-side
212283 ARSTECHNICA 2021-7-20:
Apple under pressure over iPhone security after NSO spyware claims
0.974 0.663 Find similar Compare side-by-side
212207 ARSTECHNICA 2021-7-19:
“Clickless” exploits from Israeli firm hacked activists’ fully updated iPhones
0.710 0.606 Find similar Compare side-by-side
212495 ARSTECHNICA 2021-7-21:
Report: Apple will introduce a new iPhone SE with A15, 5G in early 2022
0.416 Find similar Compare side-by-side
212421 ZDNET 2021-7-19:
NSO Group's Pegasus spyware used against journalists, political activists worldwide
0.408 Find similar Compare side-by-side
212620 ZDNET 2021-7-22:
Modi government accused of spying on critics and opponents using Pegasus spyware
0.392 Find similar Compare side-by-side
212631 ZDNET 2021-7-22:
Ignored iPhone users feel anger and frustration at Apple
0.386 Find similar Compare side-by-side
212231 ZDNET 2021-7-21:
Best encrypted messaging app 2021: Chat privately
0.370 Find similar Compare side-by-side
212398 ZDNET 2021-7-18:
iPhone owners keep mocking Android users and people are hurting
0.358 Find similar Compare side-by-side
212545 THEVERGE 2021-7-23:
Apple Music’s spatial audio and lossless streaming are now available on Android
0.350 Find similar Compare side-by-side
212183 ZDNET 2021-7-21:
Apple confirms iOS 14.7 unlocking bug headache, especially for enterprise users
0.348 Find similar Compare side-by-side
212198 ARSTECHNICA 2021-7-19:
New iOS 14.7, tvOS 14.7, and watchOS 7.6 updates expand ECG support and more
0.340 Find similar Compare side-by-side
212626 ZDNET 2021-7-22:
Why you need to update your iPhone and iPad now
0.334 Find similar Compare side-by-side
212200 ZDNET 2021-7-21:
'Where's my iPadOS 14.7 update?'
0.334 Find similar Compare side-by-side
212373 ZDNET 2021-7-20:
Should you install iOS 14.7?
0.333 Find similar Compare side-by-side
212411 ZDNET 2021-7-16:
Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks
0.333 Find similar Compare side-by-side
212348 ZDNET 2021-7-20:
Verizon to bring RCS to all Android smartphones by 2022
0.324 Find similar Compare side-by-side
212453 ZDNET 2021-7-20:
The Android apps on your phone each have 39 security vulnerabilities on average
0.323 Find similar Compare side-by-side
212329 ZDNET 2021-7-20:
DHS releases new mandatory cybersecurity rules for pipelines after Colonial ransomware attack
0.321 Find similar Compare side-by-side
212367 VENTUREBEAT 2021-7-19:
Threat modeling can protect data used by AI assistants
0.318 Find similar Compare side-by-side
212386 ZDNET 2021-7-19:
Apple iOS 14.7 update rolls out: Combined Apple Card accounts and more
0.316 Find similar Compare side-by-side
212615 ZDNET 2021-7-21:
Joker billing fraud malware found in Google Play Store
0.315 Find similar Compare side-by-side
211985 TECHREPUBLIC 2021-7-16:
The number of false positive security alerts is staggering. Here's what you can do to reduce yours
0.306 Find similar Compare side-by-side
212004 ZDNET 2021-7-16:
Toddler mobile banking malware surges across Europe
0.305 Find similar Compare side-by-side
212428 ZDNET 2021-7-19:
DOJ charges four members of Chinese government hacking group
0.304 Find similar Compare side-by-side

1

ID: 212165

URL: https://www.techrepublic.com/article/your-iphone-and-the-pegasus-spyware-hack-what-you-need-to-know/

Date: 2021-07-20

Your iPhone and the Pegasus spyware hack: What you need to know

The iPhone has always been lauded for its tight security and privacy controls, especially compared with Android devices. But that reputation took a hit this week with the revelation that a spyware program ostensibly used to hack into the phones of criminals and terrorists was abused by certain authoritarian governments to compromise the iPhones of journalists, activists and other prominent people. Amnesty International just announced the results of analysis conducted by it and journalist advocacy and media group Forbidden Stories. The findings indicated that the Pegasus spyware program sold by surveillance company NSO Group was able to infect iPhone 11 and iPhone 12 models through zero-click attacks in the iOS iMessage app. Based on a data leak of more than 50,000 phone numbers, Amnesty's Security Lab analyzed 67 smartphones and found Pegasus infections or attempted infections on 37 of them, according to The Washington Post. Thousands of Android phone users had also been targeted, according to Amnesty. But in contrast to iOS, Google's Android operating system doesn't retain the usable logs needed to detect the Pegasus spyware infection. The iPhone 11 and 12 models were outfitted with the latest update, namely iOS 14.6 at the time, which was released on May 24, 2021. Sold by NSO Group to governments, the Pegasus software is considered a form of mobile malware by security firm Lookout, and one that allows its operators to obtain GPS coordinates, text messages, photos, emails and encrypted chats from apps like WhatsApp and Signal. Pegasus is also able to record phone calls and turn on the microphone and camera without the user's knowledge. Since its discovery by Lookout and Citizen Lab in 2016, Pegasus has gotten smarter. The program can now run on a targeted device without requiring any interaction by the user. This means the operator of the spyware can send it directly to a phone through SMS, email, social media and certain types of apps. Pegasus sounds like a serious threat to people who have been targeted by its operators. But how grave a danger is it to the security and privacy of the average iPhone owner? On one side is the NSO Group, which has criticized the findings of Amnesty and Forbidden Stories. In an update on its website, the group said that the report is "full of wrong assumptions and uncorroborated theories," adding that it denies the false allegations. "We would like to emphasize that NSO sells its technologies solely to law enforcement and intelligence agencies of vetted governments for the sole purpose of saving lives through preventing crime and terror acts. NSO does not operate the system and has no visibility to the data." On another side is Apple, which has been put in the position of having to defend the security of its flagship phone and explain how its core messaging app could be vulnerable to this type of exploit. The following statement shared with TechRepublic and attributable to Apple Security Engineering and Architecture head Ivan Krstić walks the fine line of condemning the malicious use of Pegasus but painting the incident as one that wouldn't affect the average person. "Apple unequivocally condemns cyberattacks against journalists, human rights activists and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data." However, Apple's statement that it's "constantly adding new protections" could be a sign that the company does see this as a security threat and may be working on a fix for a future update to iOS. At the very least, the company should be taking this seriously. "It's clear that the iOS iMessage service is a bit of a mess from a security perspective," said Oliver Tavakoli, CTO at security firm Vectra. "Apple has added more and more functionality to it—and every piece of functionality comes with the potential for exploitable vulnerabilities. Also, the fact that iMessage does not distinguish how it handles inbound messages from known contacts versus perfect strangers opens phones up to exploitation from anywhere." And on yet another side are Amnesty International, Forbidden Stories and the news publications and analysts who see this as an alarming use and abuse of a specific technology but differ as to whether that tech was designed with malicious intent in mind. "NSO Group has been suspected of selling its spyware to some of the world's most oppressive governments and leaders," said Paul Bischoff, privacy advocate for Comparitech. "NSO Group is in effect a weapons dealer, and there's very few restrictions on to whom it can sell its weapons." But Brian Higgins, security specialist at Comparitech, believes that NSO Group does its best to control the deployment of its Pegasus software, adding that there will always be consumers who want to change the purpose of the product for their own ends. In the meantime, mobile phone owners users sufficiently alarmed and enterprising enough can download and install a Mobile Verification Toolkit (MVT) created by Amnesty. Available from GitHub, MVT can analyze data from Android devices and records of backups from iPhones to look for potential signs of compromise. Whether you want iPhone and Mac tips or the latest enterprise-specific Apple news, we've got you covered. Delivered Tuesdays