all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Zero-Click Exploit in iPhones

Add to bookmarks
Sept. 13, 2023, 11:13 a.m. | Bruce Schneier

Schneier on Security www.schneier.com

Make sure you update your iPhones:


Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones.


The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachments containing malicious images.


“We refer …

apple attackers blastpass bugs citizen lab click commercial commercial spyware cve cve-2023-41061 cve-2023-41064 deploy emergency exploit exploits infect ios iphone iphones lab nso nso group pegasus security security updates spyware today update updates vulnerabilities zero-click zero-click exploit zero-days

Visit resource

More from www.schneier.com / Schneier on Security

New Attack on VPNs 1 day ago | www.schneier.com
applications attack cyberattack encrypted +14
New Lawsuit Attempting to Make Adversarial Interoperability Legal 2 days, 4 hours ago | www.schneier.com
adversarial copyright courts interoperability +4
Friday Squid Blogging: Squid Purses 4 days, 18 hours ago | www.schneier.com
blog blogging can guidelines +6
My TED Talks 4 days, 21 hours ago | www.schneier.com
conferences controls data internet +9
Rare Interviews with Enigma Cryptanalyst Marian Rejewski 5 days, 4 hours ago | www.schneier.com
crack cryptanalysis enigma history of cryptography +5
The UK Bans Default Passwords 6 days, 4 hours ago | www.schneier.com
act and telecommunications ban bans +19
AI Voice Scam 1 week ago | www.schneier.com
artificial intelligence bbc money scam +4
WhatsApp in India 1 week, 1 day ago | www.schneier.com
courts encryption end end-to-end +5
Whale Song Code 1 week, 2 days ago | www.schneier.com
basic broadcast code cold +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

XDR Detection Engineer

@ SentinelOne | Italy
View on infosec-jobs.com

Security Engineer L2

@ NTT DATA | A Coruña, Spain
View on infosec-jobs.com

Cyber Security Assurance Manager

@ Babcock | Portsmouth, GB, PO6 3EN
View on infosec-jobs.com

Senior Threat Intelligence Researcher

@ CloudSEK | Bengaluru, Karnataka, India
View on infosec-jobs.com

Cybersecurity Analyst 1

@ Spry Methods | Washington, DC (Hybrid)
View on infosec-jobs.com

Security Infrastructure DevOps Engineering Manager

@ Apple | Austin, Texas, United States
View on infosec-jobs.com
View more jobs