At a glance.
- Google marvels at sophistication of NSO’s FORCEDENTRY exploit.
- Apple removes CSAM messaging.
- The pros and cons of employee monitoring software.
Google marvels at sophistication of NSO’s FORCEDENTRY exploit.
Google's Project Zero bug-hunting group offers an in-depth analysis of NSO Group’s zero-click iMessage exploit, dubbed FORCEDENTRY, that earlier this year was revealed to have been used to hack into the devices of activists, dissidents, and journalists across the globe. After examining a sample provided by Toronto's Citizen Lab, Google found the hack to be “one of the most technically sophisticated exploits we've ever seen, further demonstrating that the capabilities NSO provides rival those previously thought to be accessible to only a handful of nation states.” The report demonstrates that FORCEDENTRY can not only take over a target device completely without any interaction from the user, but it can also set up its own virtualized environment, bypassing the need for a command-and-control server to send instructions to the malware. Project Zero's Ian Beer and Samuel Groß told WIRED, “There are many within the security community who consider this type of exploitation—single-shot remote code execution—a solved problem…This demonstrates that not only is it possible, it's being used in the wild reliably against people.” While Apple’s BlastDoor iMessage protection has succeeded in making interactionless iMessage attacks more difficult to carry out, Beer and Groß warn that there are other companies besides NSO who are likely working on similar exploits.
Apple removes CSAM messaging.
After receiving pushback for controversial child safety measures proposed earlier this year, MacRumors reports that Apple has silently scrubbed all references to Child Sexual Abuse Material (CSAM) from its child safety webpage. Apple’s proposed features faced much criticism from privacy advocates, who compared the on-device CSAM detection tech to surveillance and found it was unsuccessful at actually detecting images of child sexual abuse. Communication Safety features for Messages went live earlier this week, but Apple has decided to hold off on launching the CSAM tech, stating "based on feedback from customers, advocacy groups, researchers and others...we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features." Even this mention has disappeared from Apple’s site, making some wonder if CSAM had been permanently sidelined. However, Apple spokesperson Shane Bauer says plans have not changed and that the CSAM measures could still be rolled out in the future.
The pros and cons of employee monitoring software.
Total Security Advisor asks if employee surveillance methods have gone too far. Since the pandemic spurred a surge in remote and hybrid work, the use of employee monitoring tech has increased over 50%, and such surveillance software can track everything from keystrokes to screenshots. Still, studies show that monitoring software doesn’t necessarily increase productivity, and in some cases even compels employees to fake it in order to fool the tech. That said, monitoring has been effective in detecting poor employee cybersecurity habits, and a 2021 global risk study from HP revealed that employee security behaviors are often significantly weaker when working remotely. Still, collecting such employee data can be a threat to company and individual security, so transparency and strong data handling protocols are key.