Making complex data simple and compelling
From digital device to digital evidence
Unlock your vehicle's digital evidence potential
Forensic Analysis and Enhancement
Investigating and analyzing financial records
Gain access to the online accounts of deceased loved ones
Clear, precise evidence for a messy world
Expert reports to suit your specific needs
We can locate people anywhere
Stop worrying and learn the truth
Prevent, Detect, Respond To Cyberattacks
First response is crucial. Every minute counts.
The first response is critical to reduce liability
Detection & Removing Spyware Services
Reduce your electronic risk from digital transmittals
Find out who you are really talking to
Experienced, Confidential Services
Swift, professional incident response
Complicated cases require compelling digital facts
Find, recover and document digital evidence
Bring solid evidence before a judge
Cases can be investigated using Social Media
Divorce, custody battles, and other
Win the most important battle of your life
Everything you need
Effective Expert Witness in Court
Evidence shows who is telling the truth
Subpoena power yields strong evidence
Digital evidence can build a strong defense
Go to court with compelling digital evidence
August 12, 2016 Ahmed Mansour, human rights defender of the United Arab Emirates, received a malicious SMS message on his iPhone 6 (running iOS 9.3.3). The team at the Citizen Lab of the University of Toronto came to the conclusion that Mansoor had been targeted by a combined package of three zero-day exploits capable of taking control of his phone, and spying on his emails, text messages, calls, and contact lists – an assault Which Lookout’s vice president of security research and response, Mike Murray described as showing “an incredible level of sophistication and commitment.”, analyzing this message.
This attack chains is three zero-day attacks together to produce a “one-click jailbreak” of an iOS device.
1. Phishing attack . The hacker uses SMS text messaging or email to send their target a baited link, with suitable inducements to click on it.
2. The CVE-2016-4656: Kernel Information Leak vulnerability , which allows the attacker to calculate the location of the iOS system kernel in the device’s memory.
3. Trident kicks in once the kernel has been located and involves the CVE-2016-4657 weakness, which consists of 32 and 64-bit iOS kernel-level vulnerabilities allowing an attacker to jailbreak a device on the quiet, enjoy read/write privileges, and install their own surveillance software affecting Apple’s own brand and third-party applications.
Apple responded quickly enough to the results of the analysis of the University of Toronto’s Citizen Lab and released an update to iOS 9.3.5, which is strongly recommended for all iPhone or iPad users to download using Settings> General> Software Update. Besides upgrading to iOS 9.3.5, users suspecting a Trident/Pegasus infection have been advised to install the Lookout 4.4.8 app to check if their devices have already been compromised.
In conclusion, I would like to note that the Researchers at North Carolina State University, TU Darmstadt in Germany and the University of Bucharest, are on the lookout for their findings on vulnerabilities in the iOS “sandbox” feature at an upcoming security conference in Vienna. Their studies have apparently thrown up multiple weaknesses capable of allowing attackers to compromise iOS devices in various ways, using third-party apps.
Save my name, email, and website in this browser for the next time I comment.
Speak to a Specialist Now
Get Help Now