Researchers at the Qualys Threat Research Unit (TRU) have unearthed discovered a critical security flaw in OpenSSH's server (sshd) in glibc-based Linux systems.
They probably can. jut every hack done has the possibility of spoiling the exploit. A good exploit can cost a million $. So if hacking you is worth more then say 100k to them, you’re in trouble. Otherwise they will only target you with everyday surveilance.
Yes, targeted attacks like that definitely exist, most famously maybe the most recent pressure to merge a vulnerability to the xz library by actor “Jia Tan”:
That’s a spooky one. From first glance - 500 employees and zero click takeovers of phones? Yikes. Makes me want to not have a phone… Ofc Google/Apple/USA have had this capacity for ages
It’s shit like this that makes me convinced that governments can easily hack into pretty much every system
I mean, on TV every character seems to be able to hack any system in a few seconds.
They clearly must have done some research by watching some NSA hackers who can hack every system.
They probably can. jut every hack done has the possibility of spoiling the exploit. A good exploit can cost a million $. So if hacking you is worth more then say 100k to them, you’re in trouble. Otherwise they will only target you with everyday surveilance.
Well only if they know about it before it gets patched…
That’s why there is a huge market for 0-day exploits.
Isn’t there attempts to sneak in vulnerabilities with new commits?
Yes, targeted attacks like that definitely exist, most famously maybe the most recent pressure to merge a vulnerability to the xz library by actor “Jia Tan”:
https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/
The NSA is doubtless sitting on a trove of these types of vulnerabilities to use when they really need access to something.
Most can’t, but that’s why clandestine cyber-intelligence firms like NSO group exist.
That’s a spooky one. From first glance - 500 employees and zero click takeovers of phones? Yikes. Makes me want to not have a phone… Ofc Google/Apple/USA have had this capacity for ages