“The exploit involved PassKit attachments containing malicious images sent from an attacker iMessage account to the victim”, according to the information shared with Cyber Security News. Last week, researchers discovered this zero-click vulnerability being actively utilized to distribute NSO Group’s Pegasus mercenary malware while inspecting the device of a person employed by a Washington DC-based civil society organization with international offices. This exploit chain is referred to as BLASTPASS by Citizen Lab researchers. The researchers reported the vulnerability to Apple, which issued a fix on Thursday to address two zero-day exploits. The capabilities of the Pegasus malware allow its operators access to and the ability to perform on any infected Android and iOS devices microphone recording, emails, SMS, location information, network information, browsing history, and many more.Īccording to Citizen Lab, the exploit chain could infect iPhones running the most recent version of iOS (16.6) without the victim’s involvement.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |