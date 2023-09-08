Vida da cidade

Presentando as novas tecnoloxías e o poder da IA

Dispositivos de Apple vulnerables á explotación de clic cero que ofrecen programas espía

ByMampho Brescia

Setembro 8, 2023
Summary: Apple has issued an update for its devices after researchers at The Citizen Lab discovered a zero-click vulnerability that was being used to deliver NSO Group’s Pegasus spyware. The exploit, dubbed BLASTPASS, allowed hackers to remotely compromise iPhones running the newest iOS without any user interaction. Users are advised to update their devices immediately to protect themselves. Additionally, Citizen Lab recommends enabling Lockdown Mode for users at higher risk.

Apple has released a crucial update for its devices after a zero-click vulnerability was discovered by researchers at The Citizen Lab. This vulnerability allowed NSO Group’s Pegasus spyware to be installed on Apple devices without any interaction required from the user.

The hack involved sending harmful images in PassKit attachments via the attacker’s iMessage account to the victim. Although previous versions of iOS were affected, the exploit chain was successful in compromising the newest iOS version 16.6.

The Pegasus spyware is notorious for its invasive capabilities, which include capturing keystrokes, intercepting communications, tracking the device, and remotely accessing the camera and microphone. This poses a significant risk to individuals, companies, and even governments.

To protect themselves, Apple users are strongly advised to update their devices immediately. By doing so, they can safeguard their devices against this zero-click exploit and minimize the risk of unauthorized access.

Furthermore, The Citizen Lab has recommended that users who are particularly vulnerable due to their activities or affiliations should enable Lockdown Mode. This feature provides an additional layer of protection by limiting the potential attack surface and enhancing device security.

This is not the first time Apple has faced such vulnerabilities. In April 2022, The Citizen Lab discovered evidence of multiple zero-click iMessage exploits being used to compromise Apple devices. Apple’s prompt response to these issues highlights the company’s commitment to ensuring the security of its users.

In conclusion, Apple device users should promptly update their devices to protect against the zero-click exploit used to deliver NSO Group’s Pegasus spyware. Enabling Lockdown Mode is also recommended for users at higher risk. By taking these precautions, users can help safeguard their privacy and security in the face of evolving cyber threats.

Definicións:
– Zero-click vulnerability: A vulnerability that allows an attacker to exploit a device without requiring any interaction from the user.
– Pegasus spyware: A surveillance software developed by NSO Group, known for its extensive capabilities to monitor and control targeted devices.
– Exploit chain: A cyber-attack technique that involves multiple attacks combined to compromise a device.
– Lockdown Mode: A feature that limits the functionality and potential attack surface of a device to enhance security.

Fontes:
– [Source 1: The Citizen Lab](URL)
– [Source 2: Apple](URL)

