BLASTPASS: NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild

Submitted ⁨⁨1⁩ ⁨year⁩ ago⁩ by ⁨mwalimu@baraza.africa⁩ to ⁨technology@lemmy.world⁩

https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/

We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim.

source

Comments

Sort:hotnew top

redditReallySucks@lemmy.dbzer0.com ⁨1⁩ ⁨year⁩ ago
“iPhones don’t have malware”

source
- SmashingSquid@notyour.rodeo ⁨1⁩ ⁨year⁩ ago
  Who claims that anymore? Ever since covid there’s been tons of zero days updates. The only security benefit is not having extremely delayed updates like most android devices.
  
  source
  - bobman@unilem.org ⁨1⁩ ⁨year⁩ ago
    Lots of people think iphones are secure.
    
    source
  - antizero99@lemmynsfw.com ⁨1⁩ ⁨year⁩ ago
    Which is why I roll pixel and before that nexus.
    
    source
    -> View More Comments
- HeartyBeast@kbin.social ⁨1⁩ ⁨year⁩ ago
  I think you dropped your straw man
  
  source
some_guy@lemmy.sdf.org ⁨1⁩ ⁨year⁩ ago
The fine folks at CitizenLab are doing such important work. I just want to call out what a net-benefit they are for us all. I can’t count how many times I see or hear their name in sec updates, sec podcasts, news stories, etc. Thank you to CitizenLab!

source
- PlexSheep@feddit.de ⁨1⁩ ⁨year⁩ ago
  I hear only good stuff from them. I think they were featured in the last episode of darkness diaries too.
  
  source
sebinspace@lemmy.world ⁨1⁩ ⁨year⁩ ago
Must be what the 16.6.1 update was for last night

source
- mwalimu@baraza.africa ⁨1⁩ ⁨year⁩ ago
  Yes. The linked article points to Apple’s release notes.
  
  CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk School
  
  source