Update your iOS device to 9.3.5 as it fixes serious security vulnerabilities

apple ios 935 update os updates
Got a notification to update your iOS device to 9.3.5? You really shouldn’t wait to install it — the new version fixes three security vulnerabilities that were actively exploited by an Israel-based company in an episode likely involving the UAE government and a spy operation.

The NSO Group sells surveillance software that utilizes three zero-day vulnerabilities in iOS — it’s something that rarely happens in the wild, according to the team of researchers that reported the flaws to Apple. “Zero days” means the flaws were previously unknown, and a company had no time, or “zero days,” to fix them.

It all started with Ahmed Mansoor, a well-recognized human rights defender based in the United Arab Emirates. On August 10 and 11, Mansoor got an SMS on his iPhone “promising “new secrets” about detainees tortured in UAE jails if he clicked on an included link.

Mansoor didn’t click the link — he sent it straight to Citizen Lab researchers housed in the University of Toronto. If Mansoor had followed the link, the exploit would have remotely jailbroken his iPhone 6, and installed spyware.

“Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements,” according to Citizen Labs’ report.

The team worked with researchers at Lookout Security and managed to track the exploit back to NSO Group, a “cyber-war” company that sells Pegasus, a government-exclusive “lawful intercept” spyware product. Oddly, NSO Group is owned by an American venture capital firm named Francisco Partners Management.

“The high cost of iPhone zero-days, the apparent use of NSO Group’s government-exclusive Pegasus product, and prior known targeting of Mansoor by the UAE government provide indicators that point to the UAE government as the likely operator behind the targeting,” the researchers write in the report.

Immediately after discovering Trident, Citizen Labs and Lookout Security notified Apple. The Cupertino company said it would address the vulnerabilities — and 10 days later, Apple patched them up in iOS 9.3.5. It’s likely the last update to iOS 9, as iOS 10 is likely to release soon.  

The exploit and patch come weeks after Apple announced its first bug bounty program, which is to begin as an invitation-only process with the company doling out rewards as high as $200,000 for discovered vulnerabilities.

The update is available to all devices running iOS 9 through an over-the-air update.

Emerging Tech

Awesome Tech You Can’t Buy Yet: Folding canoes and ultra-fast water filters

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Movies & TV

The best shows on Netflix, from 'Haunting of Hill House’ to ‘Twilight Zone’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.

Protect yourself from the latest malware with the best free antivirus software

Malware, spyware, and adware is never fun to find on your PC. Check out our picks for the best free antivirus software, so you can rid your system of any dangerous software that might be lurking around.

415,000 routers worldwide reportedly infected with cryptojacking malware

Even though there is a fix ready to prevent the threat of a cryptojacking malware discovered in Brazil earlier this year, the rapid growth of infection caused by the malware shows that not many users have installed the patch.

Google to end support for Android devices running Ice Cream Sandwich

Anyone with an old phone that is still running Android 4.0 may want to look into upgrading their phone, as Google has announced that it will be ending support for this older version of Android.

Amazon knocks $30 off its Paperwhite ebook reader in limited-time deal

Amazon is running a couple of limited-time deals for its Paperwhite ebook reader. One offers a $30 discount, while the other throws in a pair of headphones and a free, extended Audible trial.
Product Review

The iPad Pro is the best tablet ever. But don't sell your laptop just yet

Apple has unveiled a big redesign for the iPad Pro, slimming down the bezels, adding Face ID, and the ability to attach and charge the Apple Pencil. All of this comes at a high cost however, as the iPad Pro starts at $799.

New Galaxy S10 leaks showcase display sizes, confirm headphone jack return

While we still may be months away from an announcement, there's no doubt about it: Samsung is working hard on its successor to the Galaxy S9. Here's everything we know about the upcoming Samsung Galaxy S10.

Android 9.0 updates to stretch into 2019 -- will your phone get a slice of Pie?

Android 9.0 Pie has been released. But is your phone getting Android 9.0 Pie, and if so, when? We've done the hard work and asked every device manufacturer to see when their devices would be getting the update.

LG G7 owners experiencing dreaded bootloop will have to wait a few days for fix

If you’ve picked up LG’s flagship and it’s not behaving itself, then you might find a solution here. We’ve rounded up the most common LG G7 ThinQ problems and tracked down workarounds and possible fixes.

A render video gives us a 360-degree look at the midrange Pixels

The Google Pixel 3 and Pixel 3 XL are considered to be two of the best Android smartphones, but it looks like Google could be prepping a midrange line. Say hello to the Pixel 3 Lite and Pixel 3 Lite XL.

Honor to out-megapixel the competition with 48MP camera on upcoming View 20

After its phenomenal success with the View 10 in 2018, it looks like Honor is getting ready up the ante with its forthcoming Honor View 20. Here's everything we know about it so far.

Xiaomi is preparing to set records with 48-megapixel phone camera

Bigger doesn't always mean better, but it certainly makes headlines. Chinese mobile giant Xiaomi is set to release a phone camera with a staggeringly large 48 megapixels on a single sensor.

Patent highlights Apple's sky-high ambitions for AirPower wireless charger

At its September event last year, Apple unveiled the AirPower -- its new wireless charging mat that will allow you to charge multiple devices at one time. It has not yet been released. Here's everything we know about the device so far.