Al Mayadeen English

  • Ar
  • Es
  • x
Al Mayadeen English

Slogan

  • News
    • Politics
    • Economy
    • Sports
    • Arts&Culture
    • Health
    • Miscellaneous
    • Technology
    • Environment
  • Articles
    • Opinion
    • Analysis
    • Blog
    • Features
  • Videos
    • NewsFeed
    • Video Features
    • Explainers
    • TV
    • Digital Series
  • Infographs
  • In Pictures
  • • LIVE
News
  • Politics
  • Economy
  • Sports
  • Arts&Culture
  • Health
  • Miscellaneous
  • Technology
  • Environment
Articles
  • Opinion
  • Analysis
  • Blog
  • Features
Videos
  • NewsFeed
  • Video Features
  • Explainers
  • TV
  • Digital Series
Infographs
In Pictures
  • Africa
  • Asia
  • Asia-Pacific
  • Europe
  • Latin America
  • MENA
  • Palestine
  • US & Canada
BREAKING
DPRK strongly condemnded the US strikes on Iran
Iran: Fars News Agency: A woman and her 6-year-old son were killed in an Israeli drone attack on Kermanshah Province
Iran: IRNA: Attack Wave 21 was not carried out, and the operation carried out minutes ago was from Yemen against targets in the occupied territories
Sirens are sounding in Tel Aviv and surrounding areas
Israeli military command: We identified missiles launched from Iran
Tunis: The legitimacy created by World War II is crumbling and the future belongs to free peoples of the world
Tunis: We emphasize that the aggression against Iran should not obscure other ongoing crimes, the first of which is the war of extermination against the Palestinian people
Tunis: International legitimacy does not permit or justify aggression against Iran under any cover or title
Tunisia: Foreign Ministry: We call for an end to the aggression against our sister country, Iran, and we do not limit ourselves to condemning the Zionist and American attacks
Iran: Nur News: An Israeli aerial assault is targeting the region of Parchin, east Tehran

Apple issues critical security update after NSO Pegasus spyware breach

  • By Al Mayadeen English
  • Source: The Verge + news websites
  • 8 Sep 2023 16:04
  • 2 Shares
4 Min Read

Apple cautions that iPhones and iPads could be vulnerable to actors associated with the Israeli firm NSO.

  • x
  • Israeli NSO group logo (AFP via Getty Images)
    Israeli NSO group logo (AFP via Getty Images)

Apple has released a crucial security update for iPhones, addressing a zero-day vulnerability uncovered in iOS 16. This security flaw was initially detected by Citizen Lab, a research group specializing in spyware. The vulnerability has the potential to allow malicious actors to remotely install spyware on an iPhone without requiring any interaction from the device's owner. Citizen Lab identified and promptly reported this zero-click zero-day exploit to Apple.

The exploit had previously been utilized to deploy Pegasus spyware, developed by the Israeli NSO Group. This spyware was installed on an iPhone belonging to an employee of a civil society organization based in Washington, D.C. Pegasus is engineered to infiltrate a phone and gather various forms of data, including photos, messages, audio recordings, and videos.

Simultaneously, Apple has swiftly launched iOS 16.6.1 in response to the discovery of this breach. It is imperative for iPhone users to install this update promptly, regardless of whether they are considered high-risk targets for the Israeli spyware.

The concern arises from the fact that numerous groups are willing to analyze iOS security updates meticulously in an attempt to uncover how to exploit this newfound vulnerability, thereby increasing the potential for more widespread attacks.

Citizen Lab has refrained from providing an in-depth breakdown of the vulnerability, primarily for security reasons. Nevertheless, the exploit revolves around PassKit, the framework underpinning Apple Pay and Wallet, and involves attachments containing malicious images that are delivered via iMessage.

“We expect to publish a more detailed discussion of the exploit chain in the future,” said Citizen Lab.

Over the past few years, iOS vulnerabilities have frequently garnered attention, particularly those that have been exploited by malicious actors before Apple became aware of the security flaw. To address such issues promptly, Apple has devised a Rapid Security Response system, which can apply security fixes to an iPhone without necessitating a device reboot.

Importantly, Citizen Lab points out that Apple's Lockdown Mode can serve as a protective measure against this recent exploit. Therefore, individuals who could be potential targets for the Israeli spyware are strongly advised to activate this mode as a precaution.

Read next: Apple warns of flaw that invites hackers into iPhones, iPads, Macs

Related News

Sirens blast across 'Israel' following missile attack

Trump pushes Iran regime change rhetoric, administration contradicts

A flashback 

In April, a report published by the Citizen Lab at the University of Toronto revealed several advanced and complicated hacking techniques used by Pegasus spyware.

The Citizen Lab found that a month after iPhone's iOS 16 operating system was officially released, the Israeli firm carried out attacks against phones with the updated version.

According to the report, these are Zero-Click exploit chains, where hackers may break into the phones without the user clicking on a link or downloading any malware. which enables a covert, quiet infection that is undetectable.

At the time, the Citizen Lab report delved further into the techniques employed by NSO to circumvent iPhone protections.

The researchers found that PWNYOURHOME and FINDMYPWN are the first Zero-Click exploits that capitalize on various points in the software environment where an iPhone device may be prone to cyberattacks, including physical connections such as USB ports, internet connections, and other routes hackers can use to try to breach the device.

These techniques allowed the Israeli spyware to infect even the most up-to-date iPhones with the most recent versions of Apple's operating system.

The Citizen Lab researchers also pointed out that for a brief period of time, users who activated iOS 16's Lockdown Mode - an increased level of protection - encountered real-time notifications of attempted device infection.

In mid-July 2022, Apple unveiled the Lockdown Mode to block or disable some features and capabilities to prevent them from being taken advantage of by spyware.

The extreme, optional mode "hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware," Apple explained.   

Read next: Israeli cyberespionage firm meddled in 33 elections worldwide: Reports

  • Israel
  • Pegasus project
  • NSO Group
  • Pegasus Spyware
  • Pegasus

Most Read

Iran launches 9th wave of Op. True Promise 3, destroys IOF air defense

Iran launches 9th wave of Op. True Promise 3, destroys IOF air defense

  • MENA
  • 17 Jun 2025
Rescue team work at the site where a missile launched from Iran struck Tel Aviv, Israel, Monday, June 16, 2025 (AP)

Wave 12 of Operation True Promise 3 launched, Sejjil deployed: IRGC

  • Politics
  • 18 Jun 2025
Israeli workers survey the site where a missile launched from Iran struck in Haifa on Sunday, June 22, 2025. (AP)

True Promise 3, wave 20: 40 missiles launched, Kheibar-Shekan in first

  • Politics
  • 22 Jun 2025
Iran launches missile barrage to Tel Aviv, casualties reported

True Promise 3, wave 14: Tel Aviv targeted, casualties reported

  • Politics
  • 19 Jun 2025

Coverage

All
The Ummah's Martyrs

Read Next

All
Secretary of Iran's Supreme National Security Council Ali Shamkhani, speaks with then-Syrian Prime Minister Imad Khamis in a meeting in Tehran, Iran, Tuesday, January 17, 2017 (AP)
Politics

Iran holds the initiative after nuclear strikes, Shamkhani says

Blood stains a religious painting inside Mar Elias Church, where a suicide bomber detonated himself in al-Dwela, on the outskirts of Damascus, Syria, on Sunday, June 22, 2025 (AP)
Politics

UN, regional governments condemn Damascus church bombing

A B-2 bomber arrives at Whiteman Air Force Base Missouri, Sunday, June 22, 2025, after returning from a massive strike on Iranian nuclear sites on Saturday (AP)
Politics

Israeli media: US-Israeli strike on Iran failed to end war

China UN Ambassador Fu Cong addresses the United Nations Security Council, Monday, March 24, 2025. (AP Photo/Richard Drew)
Politics

China slam US strikes on Iran nuclear sites

Al Mayadeen English

Al Mayadeen is an Arab Independent Media Satellite Channel.

All Rights Reserved

  • x
  • Privacy Policy
  • About Us
  • Contact Us
  • Authors
Android
iOS