Newsnews
Cybersecurity News

Apple Addresses Zero-Day Exploits Used In Pegasus Spyware Attack

Written by: Lorri Hinman | Published: 8 September 2023 | Modified: 1 December 2023
apple-addresses-zero-day-exploits-used-in-pegasus-spyware-attack
Cybersecurity

Apple released a series of security updates on Thursday to address two zero-day exploits that were utilized to target an individual from a civil society organization based in Washington, D.C. These zero-day vulnerabilities, which refers to hacking techniques that were previously unknown to Apple, were discovered by researchers who promptly reported them to the company. The vulnerabilities involved a zero-click method that enabled attackers to deliver the infamous Pegasus spyware developed by NSO Group without any user interaction.

Key Takeaway

Apple released essential security updates to address two zero-day vulnerabilities that were exploited to target a member of a civil society organization in Washington, D.C. These vulnerabilities allowed for the remote deployment of the notorious Pegasus spyware developed by NSO Group. Apple promptly resolved the discovered exploits and urged all iPhone users to update their devices to the latest software version to safeguard against potential cyber threats.

The Discovery

Internet watchdog Citizen Lab, known for investigating government malware, uncovered one of the zero-day vulnerabilities, referred to as “BLASTPASS,” as it exploited PassKit, a framework that enables developers to integrate Apple Pay into their applications. This particular vulnerability allowed the hackers to target iPhone users without requiring any action on the part of the victim. Upon discovering the exploit, Citizen Lab promptly reported their findings to Apple, who developed and subsequently released a patch to address the issue.

Apple’s Response

Apple’s security update not only addressed the zero-day vulnerability reported by Citizen Lab but also acknowledged another vulnerability which Apple’s internal team discovered during their investigation. The company issued its gratitude to Citizen Lab for their assistance in identifying the exploits and promptly reporting them. Apple’s spokesperson declined to comment further and directed inquiries to the provided security update notes.

Ensuring User Security

In light of these discoveries, Citizen Lab strongly recommended that all iPhone users update their devices to the latest software version. By doing so, users can ensure that their devices are protected against potential attacks and mitigate the risk of falling victim to spyware or other cyber threats.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Related Posts

Microsoft Remains Silent On Exploitation Of Zero-Day Vulnerabilities
News

Microsoft Remains Silent On Exploitation Of Zero-Day Vulnerabilities

by Joscelin Harder | 5 October 2023
New Apple Security Updates Patch Zero-Day Vulnerabilities
News

New Apple Security Updates Patch Zero-Day Vulnerabilities

by Dode Roden | 23 September 2023
Google Quickly Fixes Zero-Day Exploited By Spyware Vendor
News

Google Quickly Fixes Zero-Day Exploited By Spyware Vendor

by Lucky Stith | 29 September 2023
New Findings Reveal Apple’s Lockdown Mode Successful In Preventing Hacks
News

New Findings Reveal Apple’s Lockdown Mode Successful In Preventing Hacks

by Karrie Atwell | 8 December 2023
Apple Releases Security Updates To Fix Actively Exploited Zero-Day Vulnerabilities
News

Apple Releases Security Updates To Fix Actively Exploited Zero-Day Vulnerabilities

by Raye Loving | 2 December 2023
Government Hackers Exploit IPhone Vulnerabilities With Spyware, Google Reveals
News

Government Hackers Exploit IPhone Vulnerabilities With Spyware, Google Reveals

by Lorri Hinman | 6 February 2024
New Polish Senate Report Declares Government’s Use Of NSO Group’s Spyware Illegal
News

New Polish Senate Report Declares Government’s Use Of NSO Group’s Spyware Illegal

by Wrennie Whitesell | 8 September 2023
Zero-days For Hacking WhatsApp Valued In The Millions
News

Zero-days For Hacking WhatsApp Valued In The Millions

by Tamiko Lattimore | 6 October 2023

Recent Stories

Learn To Convert Scanned Documents Into Editable Text With OCR
Software Tutorials

Learn To Convert Scanned Documents Into Editable Text With OCR

by Lorri Hinman | 26 April 2024
Top Mini Split Air Conditioner For Summer
Buyer's Guides

Top Mini Split Air Conditioner For Summer

by Lorri Hinman | 26 April 2024
Comfortable and Luxurious Family Life | Zero Gravity Massage Chair
Buyer's Guides

Comfortable and Luxurious Family Life | Zero Gravity Massage Chair

by Lorri Hinman | 26 April 2024
Fintechs and Traditional Banks: Navigating the Future of Financial Services
General Fintech

Fintechs and Traditional Banks: Navigating the Future of Financial Services

by Lorri Hinman | 18 April 2024
AI Writing: How It’s Changing the Way We Create Content
AI

AI Writing: How It’s Changing the Way We Create Content

by Lorri Hinman | 3 April 2024
How to Find the Best Midjourney Alternative in 2024: A Guide to AI Anime Generators
Digital Media & Creative Tech

How to Find the Best Midjourney Alternative in 2024: A Guide to AI Anime Generators

by Lorri Hinman | 28 March 2024
How to Know When it’s the Right Time to Buy Bitcoin
Cryptocurrency

How to Know When it’s the Right Time to Buy Bitcoin

by Lorri Hinman | 28 March 2024
Unleashing Young Geniuses: How Lingokids Makes Learning a Blast!
Education

Unleashing Young Geniuses: How Lingokids Makes Learning a Blast!

by Lorri Hinman | 23 March 2024