Apple has released iOS 9.3.5 update for iPhones and iPads to patch three zero-day security vulnerabilities. This happenned after finding a piece of spyware targeting the iPhone of a renowned UAE human rights defender, Ahmed Mansoor.
One of the world’s most invasive software weapon distributors is the NSO Group. They have been exploiting three zero-day security vulnerabilities in order to spy on dissidents and journalists.
The NSO Group is an Israeli firm that sells spying and surveillance software that secretly tracks a target’s mobile phone. According to a blog post published by Lookout, the three zero-day flaws, dubbed “Trident” by the firm, involved:
- Firstly, a memory corruption vulnerability in WebKit that could allow hackers to exploit a device when a user clicks on a malicious link.
- Secondly, two kernel bugs (allowing device jailbreak) that an attacker secretly installs malware on victim’s device to carry out surveillance.