
Tag: UAE

Finally, someone has a realistic timeline for Mars colonization—the UAE

The ruler of Dubai said humans should aim to colonize Mars a century from now.

Humans must become cyborgs to survive, says Elon Musk

Humans need a high-bandwidth link to machines, so that we don't become obsolete.

It’s Android Wear 2.0 launch day—here’s what’s getting updated

Google announces new hardware and updates with the new smartwatch OS.

eProseed to support 11th MENA Regulatory Summit

eProseed will participate as a Supporting Partner in the 11th MENA Regulatory Summit on February 5th & 6th in Dubai, United Arab Emirates.

The summit will cover the main topical challenges faced by the regulatory authorities and the GRC community, a debate in which eProseed has a pivotal role to play as the publisher of FSIP, a comprehensive financial supervision solution dedicated to Central Banks, Financial Regulators and Supervisory Authorities.

The 11th MENA Regulatory Summit will take place in Dubai, UAE, in association with the Dubai Financial Services Authority (DFSA) and under the patronage of H.E. Sultan bin Saeed Al Mansouri, the UAE Minister of Economy.

Formerly known as the GCC Regulators' Summit, the event has been renamed in an effort to ensure the utmost involvement of the governance, risk and compliance (GRC) community across the MENA (Middle East and North Africa) region, and to expand the dialogue to neighboring countries that share the same topical risk challenges and regulatory outlook.


"With increasing demands from many international regulatory bodies, financial supervisory authorities are required to monitor the compliance of their financial institutions against numerous new national and international requirements.
In the MENA region, the recent macroeconomic developments have also triggered an unprecedented demand for collection of high precision data at high frequency from all financial institutions to support a better risk based supervision", comments Geoffroy de Lamalle, Chief Executive Officer of eProseed.

MENA: an increasing role in global compliance and combating financial crime
The 11th MENA Regulatory Summit will be attended and supported by regional and international regulators, financial services professionals, law practitioners, advisors and market players.

The participants will highlight the recent macroeconomic developments in the MENA region including the US election, Brexit aftermath, regional regulatory responses to the financial crisis, the digital revolution in financial services, block chain technology, and crowd funding.

The speakers will set the landscape for international anti-financial crime trends, FATF perspective on terrorist financing and emergent types of financial crimes, and the dangers of withdrawal of correspondent banking relationships. Panelists will also discuss trade-based money laundering and trade finance activities, compliance culture, business conduct, business ethics, and compliance conflicts.

eProseed, the Solution Provider for Financial Supervision
Leveraging the proven expertise in developing and implementing end-to-end business solutions based on Oracle's world-class software technology stack and a close collaboration with major Financial Institutions and Regulators, eProseed has developed eProseed Financial Supervision Insight Platform (FSIP), an end-to-end financial supervision solution dedicated to Central Banks, Financial Regulators and Supervisory Authorities.

"In essence, eProseed FSIP is a comprehensive, highly agile, and plug-and-play financial supervision solution, enabling efficient and pro-active collection of high precision data at high frequency from all financial institutions, as well as automating and integrating all regulatory and supervisory functions in one single software solution", says Geoffroy de Lamalle.

About eProseed
eProseed is an ICT services provider and a software publisher. Honored with 8 Oracle ACE Directors and 14 Oracle Excellence Awards in the last 7 years, eProseed is an Oracle Platinum Partner with in-depth expertise in Oracle Database, Oracle Fusion Middleware and Oracle Engineered Systems.

eProseed’s portfolio of business applications and business accelerators is built on state-of-the-art, reliable technologies and sound knowledge of today’s challenges, developed and maintained with the highest standards in mind.

Comprehensive training and support are provided by eProseed’s experts for both applications and underlying technologies.

Headquartered in Luxembourg, in the heart of Europe, eProseed has offices in Beirut (LB), Brussels (BE), Dubai (AE), London (UK), New York (USA), Porto (PT), Riyadh (SAU), Sydney (AU), and Utrecht (NL).


Alexandra Toma
Email: alexandra.toma@eproseed.com
Phone: +40 767 670 566

‘Dubai Effect’ Takes AspectCTRM Over Middle East Sales Target Line

Press Release The city of Dubai is the backdrop against which commodity trade and risk management (CTRM) vendor Aspect won four landmark new contracts in 2016 for its market information portal and trade and risk management cloud solution - deals which on their own exceeded the company’s multi-million dollar sales target for the entire Middle East. In part the wins highlight how enlightened UAE government policy is continuing to boost Dubai as an entrepreneurial hot house in which new sectors such as trading can flourish.

They also highlight how the global shift to the cloud-based CTRM delivery model pioneered by Aspect is continuing to accelerate, with legacy vendors increasingly failing to win license renewals, and losing out to the cloud on new contracts. Aspect’s wins in Dubai featured two trading houses moving away from existing legacy software suppliers and two newer trading operations adopting CTRM for the first time.

All four Aspect solutions are fully operational, the latest of them proposed, awarded, and delivered in just eight weeks to meet a go-live deadline before the start of Ramadan. “These contracts further prove that AspectCTRM is the best fit with the needs of today’s trading houses, but they also highlight how Dubai is growing in importance as a center of oil trading activity,” said Aspect CEO Steve Hughes. “We are responding by building a dedicated local team of pre and post-sales experts to ensure that we can react even more quickly as Dubai continues its remarkable growth story.” Aspect’s four new customer wins in Dubai – Ferrocadia, Gulf Petrochem, Qaiwan Group, and MENA Energy – head a pipeline of further deals expected to close in the coming quarters. Of the recent four, MENA Energy, is a fully integrated business with its own refining, storage, shipping and financing operations.

After a competitive evaluation MENA Energy decided that AspectDSC and CTRM provided the superior combination of functionality and cost, better able to support its goal of growth through working smarter and more productively.

About Aspect
Aspect is a leading global provider of multi-commodity trade, risk and operations management applications delivered Software-as-a-Service (SaaS) in the cloud. With almost 500 customers in 90 countries, it’s one of the fastest growing providers with rapid deployment, affordable subscriptions, and immediate ROI for all size companies.
Solutions include AspectCTRM®, a full-featured commodity trading and risk management enterprise suite for front, middle and back office.
It’s available in three editions: Lite, Standard and Enterprise, expanding in functionality according to the needs and budgets of clients.

Aspect is the only ETRM/CTRM solutions provider with market data and analytics tools delivered with its trade and risk functions on the same platform.

This provides users with a seamless packaged solution beginning with pre-trade pricing analysis and market assessments via AspectDSC.

Aspect’s solutions are available on desktop, tablets and mobile devices and through its Aspect Partner Program (APP).

Media Contact
Brigette Gebhard
Aspect
Phone: +1 347-328-0396
Email: bgebhard@aspectenterprise.com

Security hardened, pah! Expert doubts Kaymera’s mighty Google’s Pixel

Kaymera: building on shoulders of a giant, claim

The arrival of a security hardened version of Google’s supposed "iPhone killer" Pixel phone from Kaymera has received a sceptical reception from one expert. Kaymera Secured Pixel is outfitted with Kaymera’s own hardened version of the Android operating system and its security architecture. This architecture is made up of four layers: encryption, protection from malicious downloads, a prevention layer that monitors for unauthorised attempts to access OS functions (such as microphone, camera or GPS), and a detection and enforcement layer that monitors, detects and blocks malicious code or misbehaving apps.
Independent mobile security experts have questioned whether the technology offers much by way of benefits over that offered by native Pixel smartphones. But professor David Rogers, chief executive of Copper Horse and a Lecturer in mobile systems security at the University of Oxford, questioned what exactly is new. “Many of the proposed functions are already in-built into Pixel (examples below), so what are the extra benefits Kaymera offers?” For example, Pixel has full device encryption and file-based encryption, backed by TrustZone. Plus, as it's Google’s own phone, Pixel is first in line for patching - an important security defence in itself. “Pixel has many other functions and capabilities built over many years including Position Independent Execution (PIE), Address Space Randomisation Layout (ASLR), SE Linux and so on,” Rogers added. Kaymera responded that its kit offered benefits on this front by enforcing security controls built into Pixel but not actually enforced. Oded Zehavi, Kaymera chief operating officer, told El Reg: “In places where Google has good enough security, we leverage the existing functionality (in many of the examples given here, the functionality is not actually enforced.
In these cases we enforce and prevent disabling of the security functionality by negligent users or malicious hackers).” Third-parties building on Google security do not have a good track record in this space (including Blackphone) in terms of getting their own code secure and tested properly, including updates.  Rogers is unconvinced that Kaymera will do any better with hardening Pixel than others have done with hardening Android. Zehavi responded that Kaymera devices have been tested to the most rigorous standards by governments around the world. “As a philosophy we always have more than one security layer against any attack vector hence we don’t trust any single security measure including Google security measures.

For example, our prevention layer feeds with fake resources any payload that may overcome the OS hardening and get loaded onto the device,” Zehavi said. Rogers remains unconvinced about the security proposition of the Kaymera Secured Pixel, especially in the absence of NCSC certification or US security certification.
It’s more like “some kind of Chimera rather than a Kaymera,” he cuttingly concluded. “If Kaymera really want to protect against comms interception, low-level malware attacks and so on, they would have to build some kind of firewall and introspection capability,” Rogers said. “To do that they would need access inside the Radio Interface Layer and also to processes and app data.” “Google’s security architecture does not allow this unless you ‘roll your own’ in a big way, creating your own device and modifying the AOSP [Android Open Source Project] code to deliver a bespoke device,” he added. Creating a bespoke device risks undoing Google’s security controls, Rogers warned. “Application sandboxing and isolation are there for a reason, including enforcing the Principle of Least Privilege,” he said. The Israeli manufacturer said it had been careful to add extra security without breaking Google’s existing controls. Zehavi explained: “Even though we embed our code deep into the AOSP code in layers that are beyond what regular applications can reach, we do not break any existing Google security measures including the sandboxing etc.
Instead, we add extra measures across the board that, as mentioned, leverage the existing mechanism but bring the device to a total different level of security which cannot be achieved via the application layer alone.” Rogers responded: “They admit to using AOSP which I guess means they self-sign the build of the device themselves.

That then comes down to a question of trust in who is digitally signing the product (that gives that signer access to absolutely everything, the radio path, the private data, the lot).” The Kaymera Secured Pixel is aimed at business and government customers prepared to pay extra to avoid the security weaknesses associated with the ‘off the shelf’ Android operating system.

The device retains the original Google device’s purpose-built hardware, features and ergonomics. Users can, for example, still use the fingerprint scanner. Kaymera devices are centrally managed via the company’s management dashboard, enabling easy enforcement of security policies on the smartphone. Kaymera’s secured Pixel phone is available immediately. Kaymera was started in late 2013 by the founders of NSO, the surveillance tech provider whose legitimate iPhone spyware malware was used to target the phone of UAE human rights activist Ahmed Mansoor in August 2016. The spyware caused Apple to rush out emergency software patches, to plug vulnerabilities in its iOS mobile operating system. The Israeli firm is open about its roots.
If NSO is a ‘poacher’, selling surveillance tools to governments, then Kaymera is the gamekeeper, its pitch runs. “I’m not sure I can buy in to the poacher turned gamekeeper thing here and I would rather trust Google in this case,” Rogers concluded.

Sneaky chat app Signal deploys decoy domains to deny despots

Reasonably secure messenger has, for now, outwitted those who would block it

The latest update of Signal, one of the most well-regarded privacy-focused messaging applications for non-technical users, has just been revised to support a censorship circumvention technique that will make it more useful for people denied privacy by surveillance-oriented regimes. In response to reports that Egypt and the United Arab Emirates have been blocking Signal messaging through regional ISPs, Open Whisper Systems has revised the Android version of Signal to implement a technique called domain fronting. "With today's release, domain fronting is enabled for Signal users who have a phone number with a country code from Egypt or the UAE," said company founder Moxie Marlinspike in a blog post. "When those users send a Signal message, it will look like a normal HTTPS request to www.google.com.

To block Signal messages, these countries would also have to block all of google.com." As described in a 2015 paper by researchers from the University of California, Berkeley, Psiphon, and Brave New Software, domain fronting relies on the use of different domain names at different application layers to evade censorship. In contrast to a typical HTTPS request, where the domain name is echoed across the DNS query, the TLS Server Name Indication (SNI) extension, and the HTTP Host header, a domain-fronted request includes a decoy domain and a real domain. The DNS query and SNI present the "front domain" while the HTTP Host header, inaccessible in transit thanks to HTTPS, contains the actual destination – presumably a domain that's disallowed or censored. When the front domain is something like "google.com," then blocking that domain would deny everyone on the censored network access to Google. According to Marlinspike, Open Whisper's goal is to make disabling the internet the only option for regimes that would disable Signal. Domain fronting requires a CDN, to receive the request on an edge server and forward the request to the domain in the HTTP Host header, or a service that provides similar functionality, like Google's App Engine, through a reflection script. Such a service typically isn't free.

The research paper cites costs ranging from $0.10–0.25 per GB among service providers like Google App Engine, Amazon CloudFront, Microsoft Azure, Fastly, and CloudFlare.

This may explain why Signal isn't making domain fronting a default everywhere. Marlinspike said an iOS version of Signal that supports domain fronting is available through Signal's beta channel and a stable version is expected soon.
Subsequent updates, he said, will improve censorship detection and circumvention and broaden the availability of domain fronting.

Gulf Petrochem Group Selects AspectCTRM To Drive Growth

Gulf Petrochem Group, the UAE-based global oil and petrochemicals conglomerate, has today announced that it has selected cloud-based E/CTRM technology from Aspect to help drive future growth. The Group, valued at $2.5bn, is active in oil trading, bunkering, manufacturing and refining, storage, shipping and logistics and related areas, and is a leading bunkering firm in the Gulf and ARA (Europe) regions.

The company’s continuing success has meant it has effectively outgrown its previous CTRM platform and needed to upgrade. Niranjan Desai, Gulf Petrochem’s Global head of IT Operations explains, “As our business continues to grow in both scale and by geography, the timely reporting of P&L and inventory across all of our offices was becoming more challenging considering our dependence on disparate legacy solutions that did not integrate adequately.

AspectCTRM’s complete, fully integrated trade, risk and operations components, and the way it will be able to handle all of the elements of Gulf Petrochem’s business activities seamlessly in just one solution are among the reasons it was chosen.” “Aspect will give us a complete overview of our paper and physical trading, storage, inventory, cargos at sea, bunkering and refining, delivering the same information in real time to our employees around the world.
System based oversight monitoring of trades, the ability to handle real-time valuations and reporting of trade positions are some of the key features that convinced us to choose Aspect’s E/CTRM solution. Moreover the integration of ETRM with our existing ERP system will truly form the back-bone of information flow in a controlled environment within GP locations across the globe,” added Desai. Fieras Freijeh, Aspect’s Managing Director for the Middle East and Africa, said the Gulf Petrochem deal paved the way for more business in the region: “We’re seeing more companies undergoing renewed growth and finding their previous generation CTRM solutions unable to scale effectively.

Aspect’s cloud-based strategy can be scaled up or down at will depending on business needs.

At the same time Aspect's data foundation means everyone, everywhere in the organization can be confident they are working with the exact same information.” A further benefit of Aspect’s solution will be its designed-for-the-cloud, built-for-the-cloud architecture.

Future expansion in Gulf Petrochem’s business will be easily accommodated by the solution’s inbuilt any-to-many scalability, clear per-seat subscription pricing model and simple upgrade path.

About Gulf Petrochem Group
Gulf Petrochem Group is a leading player in the oil industry, specializing in Oil Trading and Bunkering, Oil Refining, Grease Manufacturing, Oil Storage Terminals, Bitumen Manufacturing, and Shipping and Logistics. Headquartered in United Arab Emirates, and having a presence in South Asia, the Far East Asia, Africa and Europe, Gulf Petrochem has emerged as one of the well-established manufacturers and traders of petroleum products in major parts of the world.

Qaiwan Group Latest Dubai Based Trading House to Deploy AspectCTRM

Press Release The oil trading arm of Qaiwan Group, a diversified conglomerate based in Kurdistan Region of Iraq, is to deploy AspectCTRM, the cloud-delivered commodities trade and risk management solution, it is announced today. Aspect, which pioneered cloud-delivered CTRM, sealed the deal with Qaiwan’s Dubai-based trading operation bringing 2016 to a close with five new customers in Dubai.

AspectCTRM is due to begin supporting trading at Qaiwan by April 2017.

Aspect’s other 2016 wins in Dubai were all live by the end of September, making Aspect the only CTRM vendor to take any deals from close to live operation in the UAE during 2016. Qaiwan’s Head of Trading Marco Williams said: “We are growing our team of risk managers and traders and need our new people to be able to hit the ground running. We looked at five alternatives and with Aspect we know we have ordered best of breed.

Functionally, AspectCTRM works the way we work, and delivery from the cloud enables Aspect to promise deployment in a matter of weeks from start to go-live, backing up that claim with an impressive list of references both here in Dubai and at other trading centers around the world.” Qaiwan Group is the largest oil trading company in Kurdistan, operating the Bazian Oil Refinery 25 km from Sulaymaniyah, one of only two refineries in the Kurdistan region and producing 40,000 barrels a day.

The refinery is currently the focus of a major modernization and expansion investment program that will see capacity increase to over 125,000 barrels. Aspect’s Managing Director for the Middle East and Africa Fieras Freijeh said: “This is a landmark deal for us, our second with a Kurdistan trading house and our fifth new customer won by our newly-formed Dubai operation in 2016. We are making a major investment in our Dubai team to ensure that we continue to deliver the quick response so valued by our users in the region.”

Apple patches iOS security flaws found in spyware targeting activist

To spy on a human rights activist, hackers allegedly connected to a Middle Eastern government used three previously unknown vulnerabilities in Apple's iOS. The claims -- from research at Toronto-based Citizen Lab and mobile security firm Lookout -- focus on spyware that targeted Ahmed Mansoor, an activist in the United Arab Emirates. Earlier this month, Mansoor received an SMS text message on his iPhone claiming to offer "new secrets" about tortured detainees in his country. However, inside the message was a link that, once clicked, can infect an iPhone with spyware, using three zero-day exploits of iOS, the research found. The exploits work by remotely jailbreaking the device to secretly download the spyware – which can then access the iPhone's camera, microphone, and messages. Lookout called the attack the most sophisticated it's ever seen on a device.

The researchers have already informed Apple about the exploits, and iOS version 9.3.5 -- which was released on Thursday -- fixes the issues. The attack is rare because it used three previously unknown vulnerabilities, suggesting the hackers were well-funded. Just one of these exploits can be worth $1 million. Citizen Lab, however, is pointing fingers at an Israeli security firm called NSO Group, which reportedly specializes in monitoring smartphones of government targets. NSO Group doesn't maintain a website, and an email to the company went unanswered.

But Citizen Lab said leaked documents appear to show the Israeli company selling a spyware product called Pegasus, which matches with the three zero-day exploits found. Citizen Lab also analyzed the domain name in the link Mansoor received via SMS text message.

Following a long internet trail, it found an NSO Group registered email as part of evidence tying the Israeli company to the attack. The UAE likely hired NSO Group to spy on Mansoor, Citizen Lab added. Mansoor has previously been the target of commercial spyware back in 2011 and 2012. "While these spyware tools are developed in democracies, they continue to be sold to countries with notorious records of abusive targeting of human rights defenders," said Citizen Lab, which is based out of the University of Toronto. The UAE's embassy didn't immediately respond for comment.

Apple Patches iOS Zero-Day Flaws Exploited to Attack Activist

An attack against a human rights advocate ends up exposing actions of the NSO Group and a new mobile attack.

Apple today issued a critical update to iOS, version 9.3.5, which patches three zero-day exploits that were first discovered in the wild in an attack against human rights advocate Ahmed Mansoor. Apple patched CVE-2016-4655, a kernel memory disclosure issue with the iOS kernel; CVE-2016-4656, a memory corruption vulnerability in the iOS kernel; and CVE-2016-4657, a memory corruption issue in the WebKit browser rendering engine.

Apple credits security research organization Citizen Lab and security firm Lookout with reporting the issue. Citizen Lab, a research group within the Munk School of Global Affairs at the University of Toronto, has a history of helping to identify attacks against human rights advocates. Mansoor, who is based in the United Arab Emirates (UAE), contacted Citizen Lab after receiving a pair of messages he thought were suspicious. "On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising 'new secrets' about detainees tortured in UAE jails if he clicked on an included link," Citizen Lab wrote in a report. "Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based 'cyber war' company that sells Pegasus, a government-exclusive 'lawful intercept' spyware product." Citizen Lab then collaborated with Lookout to investigate the actual attack, which is how the three zero-day flaws in iOS were unraveled.

The three vulnerabilities combine to enable an exploit chain that Citizen Lab is now calling Trident.

The Trident attack would have enabled the attackers to spy on Mansoor's phone and gain access to the device's camera and microphone as well as its location. "The high cost of iPhone zero-days, the apparent use of NSO Group's government-exclusive Pegasus product, and prior known targeting of Mansoor by the UAE government provide indicators that point to the UAE government as the likely operator behind the targeting," Citizen Lab stated. Lookout has published a comprehensive technical analysis of the Pegasus spyware package that the NSO Group sells, which includes the Trident vulnerabilities. "The espionage software contains malicious code, processes, and apps that are used to spy, collect data, and report back what the user does on the device," Lookout's analysis explains. The new iOS flaws come at a particularly interesting time, as Apple announced a bug bounty program at the Black Hat USA conference on Aug. 4.

Third-party firms including Zerodium and Exodus Intelligence also offer bounties for iOS, with Zerodium reportedly paying out $1 million for an iOS zero-day exploit.

The FBI reportedly paid $1.3 million for help from a third-party security firm in unlocking an iPhone earlier this year. Given the high value of iOS vulnerabilities, Lookout believes the Trident attack and use of Pegasus is very targeted. "We believe this kind of software is very targeted, meaning the purchaser is likely to be both well-funded and specifically motivated," Mike Murray, vice president of Security Research & Response at Lookout, wrote. "The going price for Pegasus was roughly $8 million for 300 licenses, so it's not likely to be used against an average mobile device user, only targets that can be considered of high value."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.

Follow him on Twitter @TechJournalist.

Actively exploited iOS flaws that hijack iPhones patched by Apple

Apple has patched three high-severity iOS vulnerabilities that are being actively exploited to infect iPhones so attackers can steal confidential messages from a large number of apps, including Gmail, Facebook, and WhatsApp, security researchers said Thursday. The spyware has been dubbed Pegasus by researchers from mobile security provider Lookout; they believe it has been circulating in the wild for a significant amount of time. Working with researchers from University of Toronto-based Citizen Lab, they have determined that the spyware targeted a political dissident located in the United Arab Emirates and was launched by a US-owned company specializing in computer-based exploits.

Based on the price of the attack kit—about $8 million for 300 licenses—the researchers believe it's being actively used against other iPhone users throughout the world. "Pegasus is the most sophisticated attack we’ve seen on any endpoint because it takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile—always connected (WiFi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists," Lookout and Citizen Lab researchers wrote in a blog post. "It is modular to allow for customization and uses strong encryption to evade detection." After the exploits surreptitiously jailbreak a target's iPhone, Pegasus immediately starts trawling through a wealth of its resources.
It copies call histories, text messages, calendar entries, and contacts.
It's capable of activating the cameras and microphones of compromised phones to eavesdrop on nearby activities.
It can also track a target's movements and steal messages from end-to-end encrypted chat apps. As Ars has reported, Apple has already issued updates that patch the three vulnerabilities that make the infections possible. While such attacks are likely to target only the most high-value targets—say, Fortune 500 executives and high-profile dissidents—all iOS users should install the fixes as soon as possible. The researchers have dubbed the exploit Trident because it relies on three separate vulnerabilities, indexed as CVE-2016-4654, CVE-2016-4655, and CVE-2016-4656.

The exploit targeting UAE dissident Ahmed Mansoor arrived in a text message two weeks ago that promised secret information about detainees tortured in UAE jails. Mansoor forwarded the messages to Citizen Lab researchers who determined that the linked webpages led to a chain of exploits that would have jailbroken his iPhone and installed the Pegasus spyware. "In this case, the software is highly configurable," Thursday's blog post continued. "Depending on the country of use and feature sets purchased by the user, the spyware capabilities include accessing messages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and others.

The kit appears to persist even when the device software is updated and can update itself to easily replace exploits if they become obsolete." Analysis of the underlying code indicates that it dates back to 2013, when iOS version 7 was still in use.
In addition to targeting Mansoor, the researchers believe that other high-value people are also being targeted for purposes of corporate espionage.

The spyware was developed by NSO Group, an Israeli-based division of US-headquartered company Francisco Partners Management.

According to an article published last November by Reuters, Francisco Partners paid $120 million in 2014 to acquire a majority stake in NSO and was exploring a sale that could value the division at $1 billion. NSO Group is so secretive that it has regularly changed its name, Reuters also reported.
It had earnings of about $75 million. The sophisticated attack chaining together three separate iOS vulnerabilities is a testament to both the security of Apple's mobile operating system and the skill of outside attackers at bypassing those considerable protections. Last year, a software broker calling itself Zerodium offered $1 million for iOS exploits that gave attackers complete control of underlying iPhones.

The company pledged to pay a total of $3 million.

Apple, meanwhile, pays a maximum of $200,000 for comparable exploits.

The prices mean that attacks are likely to target only the highest value people as opposed to more opportunistic mass campaigns. The Trident/Pegasus attacks mark the third time Mansoor has been targeted by so-called "legal intercept" malware.

Citizen Lab has uncovered evidence that he was targeted by exploit software known as FinFisher in 2011 and by similar spyware from Italy-based Hacking Team in 2012.

Citizen Lab has also found evidence that NSO Group's exploit infrastructure was used against a Mexican journalist after reporting on corruption by the country's head of state. NSO Group has used fake domains that impersonate the Red Cross, the UK government's visa application processing website, news organizations, and major technology companies. Lookout and Citizen Lab have published additional reports here and here that among other things detail the exploits and a list of behavioral anomalies more advanced iPhone users can use to identify infected devices.