On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Christine Fossaceca, Laurie Kirk, and Apurva Kumar. Today's discussion concerns a recent release from the Chaos Computer Congress, where researchers discovered and analyzed a zero-click attack on iPhones. The attack involves four zero-day vulnerabilities in iOS, requiring a malicious iMessage, a hardware bug, and a Safari exploit. The spyware discovered was specifically targeting security researchers. Sherrod, Christine, Laurie, and Apurva explore the significance of this attack, its implications for mobile security, the concept of zero-click attacks becoming more prevalent on mobile devices, and the importance of researchers being vigilant about their security.
In this episode you’ll learn:
- Why you should consider the threat landscape when traveling internationally
- The technical and strategic aspects of mobile threat intelligence
- Prevalence of spyware on both Android and iOS platforms
Some questions we ask:
- How can attackers disguise Trojans to harvest personal details?
- What are the communication vehicles that you're seeing phishing come from?
- How do I know if I have malware on my phone?
Resources:
Follow Christine on Twitter @x71n3 & @herhaxpodcast
View Laurie Kirk on LinkedIn
View Apurva Kumar on LinkedIn
View Sherrod DeGrippo on LinkedIn
DEV-0196: QuaDream’s “KingsPawn” malware targets Europe, North America, the Middle East, and Southeast Asia | Microsoft Security Blog
37C3 - Operation Triangulation: What You Get When Attack iPhones of Researchers
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
