Amnesty International posts a report on NSO Group’s Pegasus software used to attack iPhones. Attacks were already used on journalists.

Attack includes zero-click iMessage exploit allowing private data access on iPhones. Currently, no clear indications on which iOS versions are affected, but it seems that iOS 14.6 is vulnerable.

NSO Group uses zero day exploits to attack iPhone and Android phones, and sells this software.

Report: Forensic Methodology Report: How to catch NSO Group’s Pegasus

Washington Post: Despite the hype, iPhone security no match for NSO spyware

Reference: Apple defends iPhone security amid NSO’s Pegasus zero-click iMessage exploit, Apple condemns Pegasus cyberattacks against journalists in new statement

Recommendations

Developer:

Beware of potential risks. Consider adding more jailbreak detection metrics to the application.

QA engineer:

Beware of potential risks.

PM/DM:

Beware of potential risks. Consider planning improvements to app data protections.

Join the Conversation

6 Comments

  1. Pingback: Tool to check for Pegasus spyware presence – Mobile People News
  2. Pingback: Apple publishes details of security fixes in iOS 14.7 – Mobile people news
  3. Pingback: Apple releases fixes for iOS, iPadOS and macOS – Mobile People News
  4. Pingback: Apple publishes security updates to iOS, iPadOS, macOS and watchOS – Mobile People News
  5. Pingback: Weekend good reads for Apple developers, issue #2 – Mobile People News
  6. Pingback: Apple sues NSO Group over spyware and iMessage exploits – Mobile People News
Leave a comment

Leave a Reply