PrivacyDigest · @PrivacyDigest
237 followers · 740 posts · Server mas.toResearchers find new bug ‘class’ in Apple devices | Computer Weekly
A group of #vulnerabilities in Apple products that stem from the #ForcedEntry exploit used by #spyware firm #NSO constitutes a whole new class of bug, say researchers at #Trellix
https://www.computerweekly.com/news/365531464/Researchers-find-new-bug-class-in-Apple-devices
#Trellix #nso #spyware #FORCEDENTRY #vulnerabilities
mecambioaMac :mastodon: · @mecambioamac
2 followers · 32 posts · Server mstdn.socialTrellix ayudó a corregir las vulnerabilidades CVE-2023-23520, CVE-2023-23530 y CVE-2023-23531en iOS 16.3 y macOS Ventura 13.2
#ciberseguridad #macOS #iOS #ipadOS #Trellix #cybersecurity #FORCEDENTRY
#FORCEDENTRY #CyberSecurity #Trellix #ipados #iOS #macOS #ciberseguridad
zoug · @zoug
205 followers · 45 posts · Server infosec.exchangeNe manquez pas les deux épisodes de PBS #FRONTLINE consacrés à #Pegasus, le spyware du groupe #NS0. Un behind the scenes édifiant de l'enquête de #ForbiddenStories.
https://www.pbs.org/wgbh/frontline/documentary/global-spyware-scandal-exposing-pegasus/
@Mediapart avait reçu Sandrine Rigaud et Laurent Richard de Forbidden Stories, et des personnes infectées par Pegasus dont ses deux journalistes @EdwyPlenel et Lénaïg Bredoux, pour un À l'Air Libre consacré au sujet :
#FORCEDENTRY , le nom donné à l'exploit zero click récupéré par @citizenlab, a été analysé en profondeur par Google Project Zero. C'est une lecture vivement recommandée. La dernière phrase de la partie 1 : "The bootstrapping operations for the sandbox escape exploit are written to run on this logic circuit and the whole thing runs in this weird, emulated environment created out of a single decompression pass through a JBIG2 stream. It's pretty incredible, and at the same time, pretty terrifying."
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html
#frontline #pegasus #NS0 #forbiddenstories #FORCEDENTRY
Tzafrir · @tzafrir
119 followers · 3071 posts · Server tooot.imSo the #ForcedEntry exploit is merely a method of taking PDF back to its PostScript roots?
Corben Dallas · @Corben78
138 followers · 3433 posts · Server mastodon.social
RT @jsrailton@twitter.com
🚨 UPDATE YOUR APPLE DEVICES NOW🚨
We caught a zero-click, zero day iMessage exploit used by NSO Group's #Pegasus spyware.
Target? Saudi activist.
We reported the #FORCEDENTRY exploit to @Apple@twitter.com, which just pushed an emergency update.
🐦🔗: https://twitter.com/jsrailton/status/1437498350895501314
Guillaume Lours · @glours
258 followers · 5118 posts · Server framapiaf.org
RT @jsrailton@twitter.com
🚨 UPDATE YOUR APPLE DEVICES NOW🚨
We caught a zero-click, zero day iMessage exploit used by NSO Group's #Pegasus spyware.
Target? Saudi activist.
We reported the #FORCEDENTRY exploit to @Apple@twitter.com, which just pushed an emergency update.
🐦🔗: https://twitter.com/jsrailton/status/1437498350895501314
Emzy · @emzy
327 followers · 1651 posts · Server bitcoinhackers.org
RT @jsrailton
🚨 UPDATE YOUR APPLE DEVICES NOW🚨
We caught a zero-click, zero day iMessage exploit used by NSO Group's #Pegasus spyware.
Target? Saudi activist.
We reported the #FORCEDENTRY exploit to @apple, which just pushed an emergency update.