CISA issued a directive instructing government agencies to patch iPhone vulnerabilities


Today, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) ordered federal agencies to address three recently patched zero-day vulnerabilities. The vulnerabilities affect iPhones, Macs, and iPads, leaving them susceptible to exploitation in malicious attacks. They are identified as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373, all of which are associated with the WebKit browser engine.

While Apple has not provided comprehensive details about the specific attacks in which these bugs have been exploited, it has disclosed that CVE-2023-32409 was reported by Clément Lecigne from Google’s Threat Analysis Group and Donncha Ó Cearbhaill from Amnesty International’s Security Lab. Both researchers, along with their respective organizations, have been actively involved in sharing information about state-sponsored campaigns that exploit zero-day vulnerabilities. The primary objective of these campaigns is to surreptitiously install surveillance spyware on the devices of targeted individuals, who include politicians, journalists, dissidents, and other high-profile figures at the center of highly targeted attacks.



Russia Accuses US of Widespread Apple iPhone Hacking

Russia’s Federal Security Service (FSB) claims to have discovered an elaborate American espionage operation that compromised thousands of iPhones using sophisticated surveillance software. Moscow-based Kaspersky Lab confirmed that several of its employees’ devices were compromised during the operation.


Mandiant Unearths New Malware That Can Sabotage Power Grids

A new strain of malware, dubbed COSMICENERGY, has been discovered that is designed to penetrate and disrupt critical systems in industrial environments. The malware is capable of exploiting an industrial communication protocol called IEC-104 to issue commands to RTUs, which could potentially cause power disruption. There is no evidence that the malware has been used in attacks, but its discovery is a reminder of the threat posed by malicious software to critical infrastructure.