Why Apple Just Made a Key Anti-Spyware iPhone Security Update | NECN
National & International News
The day’s top national and international news

Why Apple Just Made a Key Anti-Spyware iPhone Security Update

Hidden behind a link in a text message was a highly targeted form of spyware crafted to take advantage of three previously undisclosed weaknesses in Apple's mobile operating system

    processing...

    NEWSLETTERS

    AP
    Logo of the Israeli NSO Group company is displayed on a building where they had offices until few months ago is seen in Herzliya, Israel, Thursday, Aug. 25, 2016. A botched attempt to break into the iPhone of an Arab activist using hitherto unknown espionage software has trigged a global upgrade of Apple's mobile operating system, researchers said Thursday. The spyware took advantage of three previously undisclosed weaknesses in Apple's mobile operating system to take complete control of iPhone devices, according to reports published Thursday by the San Francisco-based Lookout smartphone security company and internet watchdog group Citizen Lab. Both reports fingered the NSO Group, an Israeli company with a reputation for flying under the radar, as the author of the spyware.

    The suspicious text message that appeared on Ahmed Mansoor's iPhone promised to reveal details about torture in the United Arab Emirates' prisons. All Mansoor had to do was click the link. 

    Mansoor, a human rights activist, didn't take the bait. Instead, he reported it to Citizen Lab, an internet watchdog, setting off a chain reaction that in two weeks exposed a secretive Israeli cyberespionage firm, defanged a powerful new piece of eavesdropping software and gave millions of iPhone users across the world an extra boost to their digital security. 

    Lawmakers 'Tricked' Into Honoring Ku Klux Klansman

    [NATL] Tennessee Lawmakers 'Tricked' Into Honoring Ku Klux Klansman

    Lawmakers in Tennessee are crying foul after Republican Rep. Mike Sparks sneaked in a resolution to honor former Ku Klux Klansman Nathan Bedford Forrest with a bust under a different name. The resolution passed unanimously, 94-0, and the bust was installed at the state Capitol before lawmakers realized the mistake. 

    (Published Friday, April 28, 2017)

    "It feels really good," Mansoor said in an interview from his sand-colored apartment block in downtown Ajman, a small city-state in the United Arab Emirates. 

    Cradling his iPhone to show The Associated Press screenshots of the rogue text, Mansoor said he hoped the developments "could save hundreds of people from being targets." 

    Hidden behind the link in the text message was a highly targeted form of spyware crafted to take advantage of three previously undisclosed weaknesses in Apple's mobile operating system. 

    Two reports issued Thursday, one by Lookout, a San Francisco mobile security company, and another by Citizen Lab, based at the University of Toronto's Munk School of Global Affairs, outlined how the program could completely compromise a device at the tap of a finger. If Mansoor had touched the link, he would have given his hackers free reign to eavesdrop on calls, harvest messages, activate his camera and drain the phone's trove of personal data. 

    UC Davis Now Sells Plan B and Condoms From a Vending Machine

    [NATL] UC Davis Now Sells Plan B, Pregnancy Tests and Condoms From a Vending Machine

    Students at the University of California, Davis, can now purchase $30 Plan B emergency contraceptives, pregnancy tests, condoms and other personal care products from a vending machine. The idea came from UC Davis senior Parteek Singh, after a friend was unable to buy emergency contraceptives in time. 

    (Published Friday, April 28, 2017)

    Apple Inc. issued a fix for the vulnerabilities Thursday, just ahead of the reports' release, working at a blistering pace for which the Cupertino, California-based company was widely praised. 

    Arie van Deursen, a professor of software engineering at Delft University of Technology in the Netherlands, said the reports were disturbing. Forensics expert Jonathan Zdziarski described the malicious program targeting Mansoor as a "serious piece of spyware." 

    A soft-spoken man who dresses in traditional white robes, Mansoor has repeatedly drawn the ire of authorities in the United Arab Emirates, calling for a free press and democratic freedoms. He is one of the country's few human rights defenders with an international profile, close links to foreign media and a network of sources. Mansoor's work has, at various times, cost him his job, his passport and even his liberty. 

    Online, Mansoor repeatedly found himself in the crosshairs of electronic eavesdropping operations. Even before the first rogue text message pinged across his phone on Aug. 10, Mansoor already had weathered attacks from two separate brands of commercial spyware. 

    Millennials Found Most Susceptible to Robocalls and Scams

    [NATL] Millennials Found Most Susceptible to Robocalls and Scams

    A new study finds that it is not the elderly who are most susceptible to scam phone calls, but millennials, who are six times more likely to give away credit card information than any other age group. 

    (Published 5 hours ago)

    When he shared the suspicious text with Citizen Lab researcher Bill Marczak, they realized he'd been targeted by a third. 

    Citizen Lab and Lookout both fingered a secretive Israeli firm, NSO Group, as the author of the spyware. Citizen Lab said that past targeting of Mansoor by the United Arab Emirates' government suggested that it was likely behind the latest hacking attempt as well. 

    Executives at the company declined to comment, and a visit to NSO's address in Herzliya showed that the firm had recently vacated its old headquarters — a move recent enough that the building still bore its logo. 

    In a statement released Thursday, which stopped short of acknowledging that the spyware was its own, the NSO Group said its mission was to provide "authorized governments with technology that helps them combat terror and crime." 

    Girl Scalped on Carnival Ride Talks Recovery One Year Later

    [NATL] Girl Scalped on Carnival Ride Talks Recovery One Year Later

    Elizabeth "Lulu" Gilreath talks about her recovery from a carnival ride gone very wrong. Gilreath was scalped when her hair was caught on the King's Crown ride in Omaha, Nebraska, but she does not dwell on the incident, saying "My scars don't define me."

    (Published Friday, April 28, 2017)

    The company said it couldn't comment on specific cases. 

    Marczak said he and fellow-researcher John Scott-Railton turned to Lookout for help to pick apart the malicious program, a process which Murray compared to "defusing a bomb." 

    "It is amazing the level they've gone through to avoid detection," Murray said of the software's makers. "They have a hair-trigger self-destruct." 

    Working over a two-week period, the researchers found that Mansoor had been targeted by an unusually sophisticated piece of software which some have valued at $1 million. He told AP he was amused by the idea that so much money was being poured into watching him. 

    Man Sees Vera Wang Diamond Ring on Sidewalk, Finds Its Owner

    [NATL] Man Finds Vera Wang Diamond Engagement Ring on Sidewalk, Tracks Down Its Owner

    Imagine looking down and finding a pristine diamond ring lying on the sidewalk. That was how Glenn Weddell found a Vera Wang diamond ring one afternoon in Sacramento, California. But instead of keeping it, Weddell hunted down the distraught owner to return the ring in a happy reunion. His method involved posting a sign to a tree downtown and hoping for the best. 

    (Published Thursday, April 27, 2017)

    "If you would give me probably 10 percent of that I would write the report about myself for you!" 

    The apparent discovery of Israeli-made spyware being used to target a dissident in the United Arab Emirates raises awkward questions for both countries. The use of Israeli technology to police its own citizens is an uncomfortable strategy for an Arab country with no formal diplomatic ties to the Jewish state. And Israeli complicity in a cyberattack on an Arab dissident would seem to run counter to the country's self-description as a bastion of democracy in the Middle East. 

    There are awkward questions, too, for Francisco Partners, the private equity firm which owns the NSO Group. Francisco is only an hour's drive from the headquarters of Apple, whose products the cybersecurity firm is accused of hacking. 

    Messages left with Francisco partners' offices in London and San Francisco went unreturned. Israeli and Emirati authorities did not return calls seeking comment. 

    Inmate Convulses During Execution With Controversial Drug

    [NATL] Fourth Arkansas Inmate Convulses During Execution With Controversial Drug

    The controversy over midazolam, a drug used during state executions of convicted inmates, rises following the execution of a fourth Arkansas inmate in eight days. Witnesses say Kenneth Williams, put on death row for the 1999 murder of two people, moved and shook during his execution Thursday night.

    (Published Friday, April 28, 2017)

    Attorney Eitay Mack, who advocates for more transparency in Israeli arms exports, said his country's sales of surveillance software are not closely policed. 

    He also noted that Israeli Prime Minister Benjamin Netanyahu has cultivated warmer ties with Arab Gulf states. 

    "Israel is looking for allies," Mack said. "And when Israel finds allies, it does not ask too many questions."