I'm sure there will be more stories about Apple's new products than the emergency security update that was released on Monday. BTW, patch your iOS devices and Mac's. But this one just scares me a little.
Apple issued emergency software updates for a critical vulnerability in its products on Monday after security researchers uncovered a flaw that allows highly invasive spyware from Israel’s NSO Group to infect anyone’s iPhone, iPad, Apple Watch or Mac computer without so much as a click.
Apple’s security team had worked around the clock to develop a fix since Tuesday, after researchers at Citizen Lab, a cybersecurity watchdog organization at the University of Toronto, discovered that a Saudi activist’s iPhone had been infected with an advanced form of spyware from NSO.
The spyware, called Pegasus, used a novel method to invisibly infect Apple devices without victims’ knowledge. Known as a “zero click remote exploit,” it is considered the Holy Grail of surveillance because it allows governments, mercenaries and criminals to secretly break into someone’s device without tipping the victim off.
Using the zero-click infection method, Pegasus can turn on a user’s camera and microphone, record messages, texts, emails, calls — even those sent via encrypted messaging and phone apps like Signal — and send them back to NSO’s clients at governments around the world.
Invisibly infect the device and get full access, turn on the microphone or camera at will. Seem's like these spy movies aren't too far off.
#healthcare #healthIT #cio #cmio #chime #himss