Pegasus: You do not need to click on anything…

It is a while since I have written anything about the cyber mercenaries the NSO Group and their Pegasus software. Pegasus is commercially available spyware that the Israeli company will sell to approved governments and law enforcement agencies – although the software has ended up on the phones of various prime ministers and other government officials.

The Canadian research group Citizen Lab, based at the University of Toronto, has an article examining the operation of Pegasus on Apple devices last year, that launched without the user having to click on anything!

Triple Threat: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains – The Citizen Lab

Your takeaway from this is:

  • Although Pegasus is usually targeted at political targets, targets of national interest, journalists, activists, etc.
  • And that these vulnerabilities have been patched.
  • it does not mean that other vulnerabilities are out there in iOS being exploited.

I often write about the need for managing your Android devices, don’t forget it also applies to iOS devices. The risks may be different but if your information is on a device, it needs managing.

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading

Please Note:

I am on the road and away from the office, so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.