If you have an iPhone, you need to update it to the latest operating system, iOS 9.3.5 Just go to your Settings app (the cog symbol), tap “General,” and then “Software Update.” Then tap “Download and Install”.
Why? As Motherboard and Popular Science report today, security researchers have found a new malicious program that can secretly bypass the security on your iPhone and capture almost all of your data, including all your texts, phone calls, emails, even burrowing into your Facebook and Gmail apps.
Fortunately, Apple’s newest version of its free iPhone software, iOS 9.3.5, fixes the security vulnerabilities that this malware uses to attack your phone. So if you download and install it, you should be safe.The photo is from the screen on my iPhone – I have now downloaded the protection.
Again, this is why we need to rethink computer security. This is from Motherboard:
The link didn’t lead to any secrets, but to a sophisticated piece of malware that exploited three different unknown vulnerabilities in Apple’s iOS operating system that would have allowed the attackers to get full control of Mansoor’s iPhone, according to new joint reports released on Thursday by Citizen Lab and mobile security company Lookout.
“One of the most sophisticated pieces of cyberespionage software we’ve ever seen.”
This is the first time that anyone has uncovered such an attack in the wild. Until this month, no one had seen an attempted spyware infection leveraging three unknown bugs, or zero-days, in the iPhone. The tools and technology needed for such an attack, which is essentially a remote jailbreak of the iPhone, can be worth as much as one million dollars. After the researchers alerted Apple, the company worked quickly to fix them in an update released on Thursday.
The question is, who was behind the attack and what did they use to pull it off?
It appears that the company that provided the spyware and the zero-day exploits to the hackers targeting Mansoor is a little-known Israeli surveillance vendor called NSO Group, which Lookout’s vice president of research Mike Murray labeled as “basically a cyber arms dealer.”
As I have been warning. Hacking is on the increase. Zero days attacks are all too common and becoming increasingly damaging. Current cyber-defense methodology is reactive. Look what we just had to do – download a fix. Wouldn’t it be better if the malware could never load on your phone? That there were no zero days?
Until the world adopts a proactive position such as an HDF solution using Host Integrity Technology, and embraces the philosophy that prevention is better than the cure, we will only see more and worse malware attacks. Check out the videos here: www.zerodayplus.com to see what we should be using. This anti-malware solution can stop an attack on a hospital operating table, or from changing traffic lights, or immobilizing police cars, redirecting drones, speeding up trains, or blowing up power plants. Hacking turns our infrastructure against us. It weaponizes it on our own soil.
The government and enterprise must wake up and install Host Integrity Technology. They must stop fighting the last war. Meanwhile, check your iPhone for updates and if you know anything about computers, malware and threats, check out these very cool videos.