Apple drops urgent patch against obtuse TriangleDB iPhone malware

October 26, 2023 at 05:22PM

Apple released a security update to fix a vulnerability, tracked as CVE-2023-32434, that has already been exploited by cyber snoops. This flaw allowed the execution of arbitrary code with kernel privileges. It is the second patch issued by Apple to address this vulnerability. Kaspersky researchers discovered the bug and reported it to Apple. Three other vulnerabilities, CVE-2023-32435, CVE-2023-38606, and CVE-2023-41990, were also exploited by cyber spies to compromise Apple products. Kaspersky has released a tool to scan for indicators of compromise and promised to provide more technical details soon.

Takeaways:

– Apple released security fixes, including one for a vulnerability (CVE-2023-32434) that had been exploited by cyber snoops.
– The vulnerability affected iPhones and iPads used before September last year and could allow the execution of arbitrary code with kernel privileges.
– This is the second patch released by Apple to address the vulnerability.
– In July, a previous update addressed the same issue for various iPhone and iPad models, Apple Watches, and computers running certain macOS versions.
– The latest patch (iOS 15.8 and iPadOS 15.8) is available for specific iPhone and iPad models.
– Kaspersky researchers discovered the bug and reported it to Apple as part of their investigation into an espionage campaign called Operation Triangulation.
– Kaspersky found four zero-day vulnerabilities, including the one fixed by Apple, which were used by unknown cyber spies.
– TriangleDB, the spyware involved, was initially discovered on “several dozen” iPhones belonging to Kaspersky’s own management.
– The spyware infects devices without user interaction and remains hidden while accessing data and system information.
– Kaspersky received emails from other Apple users, including security researchers, reporting signs of infection on their devices.
– The cyberespionage campaign doesn’t appear to be linked to any known threat actor.
– Kaspersky has released a tool (triangle_check) to scan iOS device backups for signs of compromise.
– More technical details about the campaign will be revealed in the future.
