A new spyware has been discovered on the Apple platform. Called Pegasus [1], it turns out to be a sophisticated targeted spyware. Developed by professionals, it uses 0-day vulnerabilities, code obfuscation and encryption techniques. Apple released today an out-of-band patch for iOS (version 9.3.5) [2]. It fixes three critical vulnerabilities: CVE-2016-4655 (Memory Corruption in Safari Webkit) CVE-2016-4656 (Kernel Information Leak Circumvents KASLR) CVE-2016-4657 (Memory Corruption in Kernel leads to Jailbreak) Check on the Apple website if the patch is available for your device and install it as soon as possible (via the usual way: iTunes or Software Updates on your device) [1] https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf Xavier Mertens (@xme) |
Xme 579 Posts ISC Handler Aug 25th 2016 |
Thread locked Subscribe |
Aug 25th 2016 4 years ago |
Sign Up for Free or Log In to start participating in the conversation!