Security researchers are urging Apple product users to upgrade their devices as soon as possible. Two critical vulnerabilities were confirmed and identified as CVE-2021-30860, aka “FORCEDENTRY,” by Citizen Lab and CVE-2021-30858, brought to light by an anonymous researcher. Both have the capability of infecting Apple products by allowing compromised documents to execute commands. However, CVE-2021-30860 presents itself as an advanced iteration of the controversial spyware, Pegasus. Researchers discovered its ability to infect vulnerable devices via a “zero-click attack”. The silent malware bypassed Apple’siOS BlastDoor security by exploiting previous vulnerabilities found in iMessage.
Over the last six years, NSO Group’s Pegasus has gained notoriety after reports have pointed to its deployment on activists, journalists, and dissidents as a method of surveillance by governments, mercenaries, and criminals. Citizen Lab security researchers have stated that “NSO Group are facilitating ‘despotism-as-a-service’ for unaccountable government security agencies. Regulation of this growing, highly profitable, and harmful marketplace is desperately needed.”
NSO Group has not commented on Citizen Lab’s latest findings and has stated that it will continue to provide intelligence to law enforcement agencies around the world.
Analyst Notes
Zero-click vulnerabilities are difficult to defend against. For users and admins utilizing macOS, watchOS, iOS, and Safari, apply the necessary updates detailed in Apple’s support document. In addition, users can minimize the chances of a sophisticated zero-click attacks by executing the following:
• Audit and reduce the number of apps on devices. This can considerably minimize chances of infiltration
• Regularly update to the latest operating systems & conduct regular security updates
• Separate apps according to the device. For example, a compromise on WhatsApp mobile is less likely to affect a laptop if the app only exists on a mobile device
• Persons of interest should consider using a burner phone or other compartmented devices when entering potentially hostile environments such as government buildings, embassies and consulates, or when going through border checkpoints.
https://www.zdnet.com/article/apple-releases-update-fixing-nso-spyware-vulnerability-affecting-macs-iphones-ipads-and-watches/
