all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)

Add to bookmarks
Sept. 8, 2023, 8:39 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

Apple has patched two zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41061) exploited to deliver NSO Group’s Pegasus spyware. “The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim,” Citizen Lab shared. “The exploit involved PassKit attachments containing malicious images sent from an attacker iMessage account to the victim.” About the vulnerabilities CVE-2023-41064 is a buffer overflow vulnerability in the ImageI/O framework, which allows applications to read and … More


The post …

0 day apple attachments attack attacker citizen lab cve cve-2023-41061 cve-2023-41064 don't miss exploit exploited hot stuff images imessage ios iphones lab latest macos malicious nso nso group patches pegasus pegasus spyware running spyware under version victim vulnerabilities zero-day zero-days zero-day vulnerabilities

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Adaptive Shield unveils SaaS security for AI an hour ago | www.helpnetsecurity.com
adaptive shield and response applications apps +28
Onyxia launches AI-powered predictive insights to optimize security management an hour ago | www.helpnetsecurity.com
address ai-powered can challenges +24
Island raises $175 million at $3 billion valuation an hour ago | www.helpnetsecurity.com
capital coatue financing funding +10
Synopsys Polaris Assist automates repetitive, time-consuming tasks for security and development teams 2 hours ago | www.helpnetsecurity.com
ai-powered application application security assistant +30
FCC fines major wireless carriers over illegal location data sharing 2 hours ago | www.helpnetsecurity.com
access att carriers communications +26
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades 2 hours ago | www.helpnetsecurity.com
alto attackers aware concept +24
Cybersixgill Third-Party Intelligence module identifies potential supply chain risks 3 hours ago | www.helpnetsecurity.com
action cyber cybersecurity cybersixgill +25
ESET launches two MDR subscription tiers for SMBs and enterprises 5 hours ago | www.helpnetsecurity.com
and response businesses detection detection and response +15
ThreatX provides always-active API security from development to runtime 6 hours ago | www.helpnetsecurity.com
api api security application application protection +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer

@ Commit | San Francisco
View on infosec-jobs.com

Trainee (m/w/d) Security Engineering CTO Taskforce Team

@ CHECK24 | Berlin, Germany
View on infosec-jobs.com

Security Engineer

@ EY | Nicosia, CY, 1087
View on infosec-jobs.com

Information System Security Officer (ISSO) Level 3-COMM Job#455

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Application Security Engineer

@ Wise | London, United Kingdom
View on infosec-jobs.com
View more jobs