PossibleThreat Articles

Articles for the experts…

Security

ComputerWorld Independent 

Security researchers uncover NSO Group iPhone attacks in Europe

0 Comments , , , , ,

Earlier this week, we saw research showing the noxious NSO Group continues to spy on people’s iPhones in Mexico. Now, Jamf Threat Labs has found additional attacks against human rights activists and journalists in the Middle East and Europe, one of whom worked  for a global news agency.

Older iPhones at most risk

The main thrust of the latest research is that while Apple has taken steps to protect devices running the most recent versions of iOS, these attacks are still being made against older iPhones. Jamf warns that the attacks “prove malicious threat actors will exploit any vulnerabilities in an organization’s infrastructure they can get their hands on.”

To read this article in full, please click here

Read more
ComputerWorld Independent 

Three issues with generative AI still need to be solved

0 Comments , , ,

Disclosure: Qualcomm and Microsoft are clients of the author.

Generative AI is spreading like a virus across the tech landscape. It’s gone from being virtually unheard a year ago to being one of, if not the, top trending technology today. As with any technology, there are issues that tend to surface with rapid growth, and generative AI is no exception.

I expect three main problems to emerge before the end of the year that few people are talking about today.

The critical need for a hybrid solution

Generative AI uses massive language models, it’s processor-intensive, and it’s rapidly becoming as ubiquitous as browsers. This is a problem because existing, centralized datacenters aren’t structured to handle this kind of load. They are I/O-constrained, processor-constrained, database-constrained, cost-constrained, and size-constrained, making a massive increase in centralized capacity unlikely in the near term, even though the need for this capacity is going vertical. 

To read this article in full, please click here

Read more
ComputerWorld Independent 

NSO Group returns with triple iOS 15/16 zero-click spyware attack

0 Comments , , , ,

No matter what US President Joseph R. Biden Jr. said, NSO Group is still around; the privatized spying service produced zero-click exploits against iOS 15 and iOS 16 last year, according to the latest report from Citizen Lab.

It also suggests Lockdown Mode is effective against such attacks.

A trio of exploits used in complex form

The report reflects what Citizen Lab learned from investigating attacks against Mexican human rights defenders. The researchers conclude that NSO Group, called “mercenary hackers” by Apple, has made wide use of at least three zero-click exploits in Apple’s iPhone operating systems against civil society targets worldwide. NSO Group is the infamous firm that created the Pegasus tool used to spy on people.

To read this article in full, please click here

Read more
Microsoft Security 

Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets

0 Comments , , , , , ,

Credit to Author: Microsoft Security Threat Intelligence| Date: Tue, 18 Apr 2023 15:00:00 +0000

Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing recently disclosed vulnerabilities.

The post Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets appeared first on Microsoft Security Blog.

Read more