If you are one of the people who always ignore software updates, please don’t ignore this. After a cybersecurity research company recently disclosed a large-scale security breach, Apple Urgent update released Suitable for iOS and macOS operating systems. This zero-click vulnerability can infect your Apple device with spyware without your knowledge.
According to this report, University of Toronto Citizen Lab, ForcedEntry zero-click vulnerability can harm almost all Apple devices, such as mobile phones, tablets, smart watches and computers.
Researchers at Citizen Lab found signs of ForcedEntry for the first time when they analyzed the phone of a Saudi activist infected with spyware created by the NSO group in March. The Israeli spyware company is accused of selling software designed to monitor private citizens to governments around the world. Especially journalists And activists. Citizen Lab notified Apple of its findings on September 7, prompting an emergency update one week before the report was released to the public.
ForcedEntry is not an ordinary exploit. It takes advantage of a huge security hole in iMessage, Apple’s built-in messaging platform. The way it works is that the hacker sends an invisible text message to the target victim, giving them unrestricted access to all content on the device after receiving it, allowing the hacker to install spyware, monitoring their phone, and even remotely accessing them Camera. The scary thing about these zero-click attacks is that the victims don’t realize what’s going on until it’s too late.
The report also compares NSO Group with another Zero click attacks in 2019NSO discovered a similar vulnerability in Whatsapp and used its spyware to infect the mobile phones of more than 1,400 users connected to the Human Rights Facebook group. At present, it is not clear how many users’ mobile phones may have been targeted and/or compromised. NSO Group denies all allegations of misconduct.
At the end of the report, Citizen Lab called for action against companies such as NSO Group:
“Our latest discovery of another Apple zero-day vulnerability (a term for known computer software vulnerabilities by related parties) is used as part of the NSO Group’s arsenal, which further shows that companies like NSO Group are promoting the’authoritarian as a service’ Responsible government security agencies. There is an urgent need to supervise this growing, highly profitable and harmful market.”
The best way to protect yourself and your Apple products now is to make sure that all your Apple devices have the latest software updates released on Monday, September 13. Apple is expected to announce A series of new equipment today, So it will be interesting to see if the company has resolved the emergency fix in the keynote.