CyberSecurityBoard
Sponsor Register Login

New Tool Identifies Pegasus and Other iOS Spyware

Kaspersky's Global Research and Analysis Team has unveiled a new, lightweight method to detect sophisticated iOS spyware, including notorious threats like Pegasus, Reign and Predator.
Writing in an advisory published today, the researchers said they focused on analyzing the previously overlooked forensic artifact, Shutdown.
Log, which is stored within the sysdiagnose archive of iOS devices and retains information from each reboot session.
Anomalies associated with Pegasus became apparent during the reboot.
They were then corroborated by observations from the broader cybersecurity community.
Kaspersky researchers suggested that this log file holds the potential for identifying infections related to these malware families.
To empower users in the fight against iOS spyware, Kaspersky experts have also developed a self-check utility shared on GitHub.
This Python3 script facilitates the extraction, analysis and parsing of the Shutdown.
Log artifact, catering to macOS, Windows and Linux users.
More generally, and in light of the increasing sophistication of iOS spyware, Kaspersky recommended several measures to safeguard against potential attacks.
These include daily reboots to disrupt potential infections, utilizing Apple's lockdown mode and disabling iMessage and FaceTime.
To update iOS promptly to install the latest patches, exercise caution with links and regularly check backups and sys diagnose archives.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Tue, 16 Jan 2024 16:30:20 +0000


Cyber News related to New Tool Identifies Pegasus and Other iOS Spyware

Citizen Lab details ongoing battle against spyware vendors - Citizen Lab senior researcher Bill Marczak said that while the organization has achieved some important wins against spyware proliferation, the progress is inevitably hindered by vendors that continually adapt their technologies and practices. The ...
5 months ago Techtarget.com
Kaspersky Details Method for Detecting Spyware in iOS - Researchers with cybersecurity firm Kaspersky are detailing a lightweight method for detecting the presence of spyware, including The NSO Group's notorious Pegasus software, in Apple iOS devices. The new method, which calls for looking for traces of ...
5 months ago Securityboulevard.com
Spyware isn't going anywhere, and neither are its tactics - The illegal use of spyware to target high-profile or at-risk individuals is a global problem, as highlighted by this article from The Register that Talos' Nick Biasini just contributed to. As we've written about, many Private Sector Offensive Actors ...
4 months ago Blog.talosintelligence.com
US Uses Visa Restrictions in Struggle Against Spyware - The United States will impose visa restrictions on foreign individuals who have been involving the misuse of spyware, the latest effort by the Biden Administration to address the dangers of the commercial software that often is used by governments ...
5 months ago Securityboulevard.com
Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware - Cisco Talos has a new, in-depth analysis of timelines, operating paradigms and procedures adopted by spyware vendor Intellexa. Talos' analysis revealed that rebooting an iOS or Android device may not always remove the Predator spyware produced by ...
6 months ago Blog.talosintelligence.com
Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks - Journalists, lawyers, and human-rights activists in the Middle Eastern nation of Jordan face increased surveillance from the controversial Pegasus spyware app, with nearly three dozen civilians targeted over the past four years. According to an ...
5 months ago Darkreading.com
Intellexa Spyware Adds Persistence with iOS or Android Device - In the shadowy realm of commercial spyware, the spotlight turns to the notorious Intellexa spyware and its Predator/Alien solution, as dissected by Cisco Talos in their comprehensive May 2023 report. This expose navigates the labyrinthine intricacies ...
6 months ago Gbhackers.com
U.S. rolls out visa restriction policy on people who misuse spyware to target journalists, activists - WASHINGTON - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people ...
5 months ago Pbs.org
US to Roll Out Visa Restrictions on People Who Misuse Spyware to Target Journalists, Activists - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people who've been ...
5 months ago Securityweek.com
Critics of Putin and his allies targeted with spyware inside the EU - At least seven journalists and activists who have been vocal critics of the Kremlin and its allies have been targeted inside the EU by a state using Pegasus, the hacking spyware made by Israel's NSO Group, according to a new report by security ...
1 month ago Packetstormsecurity.com
Is Your Organization Infected by Mobile Spyware? - The surge in mobile device usage within organizations has inevitably opened the floodgates to a new kind of cyber threat-mobile spyware. The growing dependence on mobile technology has made it imperative for organizations to recognize and mitigate ...
6 months ago Blog.checkpoint.com
What is Spyware? How It Works and How to Protect Yourself Against It - Spyware is a type of malicious software that is designed to collect sensitive data from victims without their knowledge or consent. It is typically installed on computers without the user’s knowledge or consent, and collects sensitive information ...
1 year ago Heimdalsecurity.com
Google says spyware vendors behind most zero-days it discovers - Commercial spyware vendors were behind 80% of the zero-day vulnerabilities Google's Threat Analysis Group discovered in 2023 and used to spy on devices worldwide. Zero-day vulnerabilities are security flaws the vendors of impacted software do not ...
5 months ago Bleepingcomputer.com
New Tool Identifies Pegasus and Other iOS Spyware - Kaspersky's Global Research and Analysis Team has unveiled a new, lightweight method to detect sophisticated iOS spyware, including notorious threats like Pegasus, Reign and Predator. Writing in an advisory published today, the researchers said they ...
5 months ago Infosecurity-magazine.com
US announces visa ban on those linked to commercial spyware - Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. As part of this effort, the Biden Administration ...
5 months ago Bleepingcomputer.com
Pegasus Spyware Targets Togolese Journalists' Mobile Devices - Cyberattackers have installed the Pegasus spyware on the phones of multiple journalists in the African country of Togo. According to Reporters Without Borders, the spyware was used by Togo's government until 2021, and there is evidence of at least 23 ...
5 months ago Darkreading.com
iShutdown scripts can help detect iOS spyware on your iPhone - Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices by checking Shutdown. Kaspersky released Python scripts to help automate the process of ...
5 months ago Bleepingcomputer.com
SentinelLabs uncovers new CapraRAT spyware targeting Android users - A new report released today by SentinelLabs, the research arm of listed cybersecurity company SentinelOne Inc., warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications. CapraRAT ...
5 days ago Siliconangle.com
Apple warns people of mercenary attacks via threat notification system - Apple has reportedly sent alerts to individuals in 92 nations on Wednesday, April 10, to say it's detected that they may have been a victim of a mercenary attack. The company says it has sent out these types of threat notifications to over 150 ...
2 months ago Malwarebytes.com
Apple Warns Users Targeted by Mercenary Spyware - Apple this week updated its spyware threat notification system to alert and assist users it identifies as targeted by mercenary spyware attacks. To date, Apple has spotted and alerted users in more than 150 countries that they were targeted in these ...
2 months ago Darkreading.com
US judge rejects NSO's attempt to dismiss Apple lawsuit The Register - A US court has rejected spyware vendor NSO Group's motion to dismiss a lawsuit filed by Apple that alleges the developer violated computer fraud and other laws by infecting customers' iDevices with its surveillance software. Apple sued NSO, developer ...
5 months ago Theregister.com
Vendor Penalized by New York Attorney General for Advertising Unlawful Spyware - The New York Office of the Attorney General has taken action against Patrick Hinchy and the 16 companies he owns for illegally selling and promoting spyware. Since 2011, Hinchy has been running these companies, which offer spyware for Android and iOS ...
1 year ago Securityweek.com
Meta Disrupts 8 Spyware Firms, 3 Fake News Networks - Meta has identified and interrupted six spyware networks linked to eight companies in Italy, Spain, and the United Arab Emirates, as well as three fake news operations from China, Myanmar, and Ukraine. It outlines how fake news operations - ...
4 months ago Darkreading.com
BreachForums admin 'Pompourin' gets 20-year sentence The Register - Last Friday the US District Court for the Eastern District of Virginia ruled [PDF] that Fitzpatrick will spend the next 20 years of his life on supervised release. For the first two years he'll be under home arrest and tracked by a GPS device, and ...
5 months ago Go.theregister.com
TikTok's latest actions to combat misinformation shows it's not just a U.S. problem - Fake news, disinformation, misinformation - whatever label you want to put on it - will not just go away if one election in the U.S. goes one way or the other. It is an issue that is spreading on all platforms in all countries. While they have been ...
4 months ago Blog.talosintelligence.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)