Update now! Apple patches a raft of vulnerabilities

Apple has released security updates for its phones, iPads, Macs, watches and TVs. Updates are available for these products: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, Read More …

The outstanding stealth of Operation Triangulation

In the previous blogpost on Triangulation, Kaspersky researchers discussed the details of TriangleDB, the main implant used in this campaign, its C2 protocol and the commands it can receive. The researchers mentioned, among other things, that it is able to Read More …

Zero-days for hacking WhatsApp are now worth millions of dollars

Thanks to improvements in security mechanisms and mitigations, hacking cell phones — both running iOS and Android — has become an expensive endeavor. That’s why hacking techniques for apps like WhatsApp are now worth millions of dollars, TechCrunch has learned. Read More …

Emergency update: Apple patches three zero-days

Apple has released security updates for several products to address a handful of zero-day vulnerabilities that may already have been used by criminals. Updates are available for: iOS 16.7 and iPadOS 16.7 iOS 17.0.1 and iPadOS 17.0.1 watchOS 9.6.3 watchOS Read More …

Apple fixes zero-day bugs used to plant Pegasus spyware

Apple released security updates on Thursday that patch two zero-day exploits — meaning hacking techniques that were unknown at the time Apple found out about them — used against a member of a civil society organization in Washington, D.C., according Read More …

Apple shares fall after China reportedly bans iPhone use by government officials

Apple stocks fell after China reportedly banned officials at central government agencies from using or bringing iPhones and other foreign-branded devices into the office. In recent weeks, Chinese officials were given the instructions by their superiors in workplace chat groups Read More …

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32434 Apple Multiple Products Integer Overflow Vulnerability CVE-2023-32435 Apple iOS and iPadOS WebKit Memory Corruption Vulnerability Read more… Source: U.S. Cybersecurity and Read More …

Dissecting TriangleDB, a Triangulation spyware implant

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Often, the process of infecting a device involves launching a chain of different exploits. Due to this Read More …

In search of the Triangulation: triangle_check utility

In their initial blogpost about “Operation Triangulation”, Kaspersky published a comprehensive guide on how to manually check iOS device backups for possible indicators of compromise using MVT. This process takes time and requires manual search for several types of indicators. Read More …