Apple Just Gave 1 Billion iPhone Users A Reason To Stay


Protect Your Access to the Internet

Apple has made serious mistakes this year, risking the usual blind trust in the security of its brand. But the iPhone maker has just addressed the most serious of those issues, while giving its billion-plus iPhone users a reason to check their firmware.

When Apple’s iMessage was reportedly targeted by Israeli spyware earlier this year, the iPhone maker was heavily criticized for its near silence on the attacks and for the lack of clarity for users. You’ll likely remember the iOS 14.7 debacle, the “is it fixed or isn’t” debate across security professionals, before concluding that it wasn’t, probably.

The issue for Apple was twofold. First, that its “black box” approach to keeping its OS locked down from security analysts and software made it difficult for anyone to conclude or confirm anything of consequence unless it came from Apple; and second, that Apple wasn’t saying much beyond a high-level statement. Confusion reigned.

I was critical of Apple at the time, arguing that the company had a duty of care to be more open with its users. Is there an issue and how serious is it? How can users check devices for compromises? When will it be fixed and what can be done in the meantime to stay safe? The fact that this particular attack was very targeted isn’t a get-out, not when we’re all encouraged to be cyberchondriacs by the current threat landscape.

WhatsApp’s boss weighed in at the time, having been very open on the issue after his platform was very publicly targeted in 2019, resulting in Facebook suing NSO. “I hope that Apple will start taking that approach too—be loud, join in,” he said. “It’s not enough to say, most of our users don’t need to worry about this. It’s not enough to say ‘oh this is only thousands or tens of thousands of victims’… If anyone’s phone is not secured that means everyone’s phone is not secure.”

Well, Apple has now been very loud and is very much joining in. The company’s lawsuit against NSO, “to curb the abuse of state-sponsored spyware,” has been headline news. Not only does this see Apple join Facebook in seeking to use legal redress to dismantle…


Over 100 Million Pieces of Malware Were Made for Windows Users in 2021


Over 100 million pieces of malware have been produced for Windows devices this year, according to a new analysis by security software company Atlas VPN. 

The report also shows that new malware for devices using Windows operating systems has increased exponentially since 2012, with millions of novel threats appearing in the wild every year. 

Findings like these are a grim reminder that the problem of malware is only going to get worse, which puts even more onus on individuals and businesses alike to deploy antivirus software on internet-connected devices. 

Windows Malware: An Epidemic of Epic Proportions

Atlas VPN has identified 107.28 million new threats designed for Windows devices, which is 16.53 million more than recorded in 2020. That works out at roughly 328,000 every single day, or 227 a minute. 

The data used in Atlas VPN’s analysis was compiled by independent research institute AV-TEST GmbH, which also rates and reviews antivirus software. One of the most worrying statistics to be borne out of the data is that, on average, the amount of new malicious software for Windows OS has increased by 9.5 million since 2012, which equates to a 23% YoY increase: 

(Image courtesy of Atlas VPN)

In an attempt to explain the increase, Atlas VPN highlights the fact that hackers can buy ransomware and malware now, meaning it requires a lot less programming knowledge to launch a cyber attack. At the other end of the market, it’s also now a lot cheaper to hire a hacker to conduct one for you.

“A malicious person with a relatively small budget can cause severe issues to an organization’s security” – Atlas VPN.

Why do Windows Devices Get More Viruses than Mac and Linux?

There’s Safety in Obscurity, not Numbers

Windows is still the most popular operating system used on desktop PCs by quite some way, and there are also thousands of Windows phones still in use. This makes it the biggest attack surface, so it’s largely a question of supply and demand – and there are an awful lot of Windows devices out there. 

So, if you’re a hacker and you want to infect as many devices as possible with a virus or malware, you’ll have a much better chance of successfully doing so if you’re coding one for the…


Apple sues NSO Group for hacking into iPhones with ‘Pegasus’ Spyware


Apple has sued Israel’s NSO group, which it says is behind the controversial spyware called Pegasus. 

In a blog post on Tuesday [November 23, 2021], Apple announced the lawsuit against NSO in hopes of holding “it accountable for the surveillance and targeting of Apple users.”

Apple has gone a step further. To prevent NSO from causing “further abuse,” Apple is seeking a “permanent injunction” which would ban NSO from using any Apple software, device, or services.

NSO – A state-sponsored actor

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” Apple’s senior vice president of Software Engineering, Craig Federighi, said in the blog post.

Federighi added that these threats affect only a small number of their customers through NSO Group’s “FORCEDENTRY” exploit, which exploited a now-patched vulnerability to break into an Apple user’s phone to install Pegasus.

Initially, the exploit was discovered by Citizen Lab, a research group from the University of Toronto. A list of all targeted individuals in different countries was shared collectively by media houses around the globe earlier this year.

What can Pegasus do?

Pegasus can easily access the microphone, camera, and other data on Apple and Android devices. FORCEDENTRY was delivered to Apple devices by creating Apple IDs that sent dangerous data to a victim’s iPhone. Owing to this, the spyware was installed without the victim’s knowledge.

Apple also announced a $10 million contribution to support cybersurveillance researchers and advocates

The spyware has reportedly been used in countries across the globe including India to snoop on government officials, opposition leaders, activists, and journalists. Earlier, NSO had claimed that it only sells its Pegasus spyware to elected governments across the globe.

Below is the blog post by Apple on the lawsuit.

Apple sues NSO Group to curb the abuse of state-sponsored spyware

Apple on Tuesday filed a lawsuit against NSO Group and its parent company to hold it accountable for the surveillance and targeting of Apple users.

The complaint provides new…


agiacalone/elk-cloner-malware: Elk Cloner virus for Apple II Computers (Historical Malware)

GitHub – agiacalone/elk-cloner-malware: Elk Cloner virus for Apple II Computers (Historical Malware)


Malware downloaded from PyPI 41,000 times was surprisingly stealthy


PyPI—the open source repository that both large and small organizations use to download code libraries—was hosting 11 malicious packages that were downloaded more than 41,000 times in one of the latest reported such incidents threatening the software supply chain.

JFrog, a security firm that monitors PyPI and other repositories for malware, said the packages are notable for the lengths their developers went to in camouflaging their malicious code from network detection. Those lengths include a novel mechanism that uses what’s known as a reverse shell to proxy communications with control servers through the Fastly content distribution network. Another technique is DNS tunneling, something that JFrog said it had never seen before in malicious software uploaded to PyPI.

A powerful vector

“Package managers are a growing and powerful vector for the unintentional installation of malicious code, and as we discovered with these 11 new PyPI packages, attackers are getting more sophisticated in their approach,” Shachar Menashe, senior director of JFrog research, wrote in an email. “The advanced evasion techniques used in these malware packages, such as novel exfiltration or even DNS tunneling (the first we’ve seen in packages uploaded to PyPI) signal a disturbing trend that attackers are becoming stealthier in their attacks on open source software.”

The researchers said that PyPI quickly removed all malicious packages once JFrog reported them.

Use of open source repositories to push malware dates back to at least 2016, when a college student uploaded malicious packages to PyPI, RubyGems, and npm. He gave the packages names that were similar to widely used packages already submitted by other users.

Over a span of several months, his imposter code was executed more than 45,000 times on more than 17,000 separate domains, and more than half the time, his code was given all-powerful administrative rights. Two of the affected domains ended in .mil, an indication that people inside the US military may have run his script.

In 2017, Slovakia’s National Security Authority…