Recent findings from Kaspersky reveal that the Coruna iOS exploit kit is using an updated version of the kernel exploit code from the 2023 Operation Triangulation campaign. This exploit targets two specific vulnerabilities in Apple’s iOS, raising concerns about the potential for mass attacks against users. Initially, there wasn't enough evidence to connect Coruna to the earlier campaign, but researchers have now established a clear link. This means that devices running affected versions of iOS could be at risk from attackers leveraging these exploits. Users and organizations need to be vigilant and ensure their devices are updated to protect against these threats.
Articles tagged "Apple"
Found 78 articles
Kaspersky's GReAT team has identified a new exploit kit called Coruna, which specifically targets iPhones. This kit utilizes kernel exploits associated with two vulnerabilities, CVE-2023-32434 and CVE-2023-38606, and is an updated version of techniques used in Operation Triangulation. The existence of these exploits poses significant risks to iPhone users, as they could potentially allow attackers to gain unauthorized access to sensitive data or control over the devices. Users should be aware of these vulnerabilities and take steps to secure their devices against exploitation. The findings emphasize the need for continuous vigilance in mobile security as attackers evolve their methods.
Hackread – Cybersecurity News, Data Breaches, AI and More
A significant security vulnerability known as the DarkSword exploit has been leaked, putting an estimated 270 million iPhones at risk. This exploit allows hackers to potentially access sensitive user data, raising serious concerns about privacy and security for iPhone users worldwide. Researchers have indicated that this could lead to unauthorized access to personal information stored on these devices. The scale of the impact is alarming, as many users may not be aware that their data could be compromised. It's crucial for affected users to stay informed and take necessary precautions to protect their information as details about the exploit continue to emerge.
The Cybersecurity and Infrastructure Security Agency (CISA) has directed U.S. government agencies to address three vulnerabilities in iOS that have been exploited in attacks related to cryptocurrency theft and cyberespionage, specifically using the DarkSword exploit kit. These vulnerabilities pose a significant risk, as they can allow attackers to gain unauthorized access to sensitive information on affected devices. The order to patch these flaws is crucial for protecting personal and governmental data from potential breaches. Agencies must act promptly to implement the necessary updates to safeguard against these threats. Failure to patch could leave systems vulnerable to exploitation by cybercriminals targeting financial assets and confidential information.
A new exploit kit called 'Darksword' is being used to target iPhones, particularly affecting users of cryptocurrency wallet applications. This exploit allows attackers to steal various personal information from compromised devices. The existence of Darksword raises significant concerns, especially for those who handle sensitive financial data on their mobile devices. As users increasingly rely on their phones for managing cryptocurrencies, the risk of falling victim to such attacks is growing. It’s crucial for iPhone users to stay vigilant and ensure their devices are updated to protect against these vulnerabilities.
Apple has rolled out new WebKit patches to enhance security protections for its users. These updates aim to fill the gaps between regular security updates, addressing vulnerabilities that could potentially be exploited by attackers. While specific details about the vulnerabilities have not been disclosed, the updates are essential for users of Apple's web browsing technologies, which are integral to Safari and other applications. Keeping WebKit up to date is crucial as it helps protect against possible security risks that could compromise user data and privacy. Users are encouraged to ensure their devices are running the latest version to benefit from these improvements.
Recent ClickFix campaigns are targeting macOS users through malicious tools disguised as ChatGPT applications. Attackers are utilizing deceptive tactics, including fake software and Terminal commands, to install the MacSync infostealer on infected systems. This infostealer is designed to harvest sensitive information from users, which poses a significant risk to personal and organizational security. Users who inadvertently download these fake tools could find their data compromised, leading to potential identity theft or financial loss. It's crucial for macOS users to remain vigilant and avoid downloading software from untrusted sources.
Hackread – Cybersecurity News, Data Breaches, AI and More
Researchers have identified a fraudulent website mimicking CleanMyMac that employs a ClickFix attack to install SHub Stealer malware on macOS devices. This malicious software is designed to steal sensitive information, including passwords and cryptocurrency wallet data. Users who unknowingly download this malware may face significant risks to their personal and financial security. The incident serves as a reminder for macOS users to be cautious about where they download software and to verify the authenticity of websites before entering any personal information. Ensuring that systems are protected with up-to-date security measures is crucial in preventing such attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) has alerted U.S. federal agencies to address three critical security flaws in iOS that have been exploited in cyberespionage and cryptocurrency theft. These vulnerabilities are being targeted through the Coruna exploit kit, which has been linked to recent attacks. Federal agencies are urged to implement patches promptly to protect sensitive information and financial assets. The exploitation of these flaws poses serious risks, potentially allowing attackers to gain unauthorized access to devices and data. Swift action is essential to mitigate these threats and secure federal systems.
The Coruna exploit kit has been identified as a significant threat targeting older iPhones, specifically those running iOS versions from 13.0 to 17.2.1. Cybercriminals are using this toolkit to steal financial data from users, which raises concerns about the safety of personal and financial information on these devices. Researchers have noted that this multi-stage campaign is particularly aimed at exploiting vulnerabilities in outdated operating systems, making it crucial for users to stay updated. With many individuals still using older iPhone models, the risks associated with this exploit are substantial. Users are urged to upgrade their devices to the latest iOS version to protect against these attacks.
The latest Security Affairs Malware newsletter covers several significant malware threats that have emerged recently. Notably, a group identified as Stan Ghouls is targeting users in Russia and Uzbekistan using the NetSupport Remote Access Trojan (RAT), which allows attackers to control infected systems remotely. Another concerning development is the discovery of ZeroDayRAT, a new spyware designed to infiltrate both Android and iOS devices. Additionally, researchers have uncovered a Linux botnet named SSHStalker, which utilizes old-school IRC methods to compromise new victims. These activities demonstrate the evolving tactics of cybercriminals and emphasize the need for users and organizations to remain vigilant against these persistent threats.
Help Net Security
Apple has addressed a serious zero-day vulnerability, identified as CVE-2026-20700, which was used in targeted attacks last year. This flaw, a memory corruption issue in the dyld component of Apple's operating systems, could allow attackers to execute arbitrary code on affected devices. Specifically, the vulnerability impacts versions of iOS prior to iOS 26 and was reportedly exploited in sophisticated attacks against select individuals. Users of these older versions should update their devices to protect against potential exploitation.
The Hacker News
A North Korea-associated hacking group known as UNC1069 is targeting cryptocurrency organizations to steal sensitive information from both Windows and macOS systems. Their approach involves social engineering tactics, including the use of a compromised Telegram account to set up a fake Zoom meeting. This deception leads victims to download malware through a method called ClickFix, which researchers believe may also utilize AI-generated content to enhance its effectiveness. The implications of these attacks are significant, as they not only threaten the financial security of targeted companies but also highlight the evolving tactics used by cybercriminals in the cryptocurrency sector. Protecting against such sophisticated schemes is increasingly critical for organizations in this space.
Researchers have identified a new spyware kit called ZeroDayRAT, which is being distributed via Telegram. This toolkit is said to allow attackers to fully compromise both iOS and Android devices, functioning at a level typically associated with resources available to nation-states. The implications of this spyware are significant, as it can potentially give hackers complete access to personal data and device controls. Users of mobile devices, especially those who may be targeted for sensitive information, should be particularly cautious. The emergence of such advanced tools raises serious concerns about mobile security and privacy.
SCM feed for Latest
Recent testing has shown that the speaker in Apple's AirTags can be easily disabled using a common tool, like a spudger, in less than two minutes. This raises significant privacy concerns, as disabling the speaker could prevent users from hearing alerts that the device is tracking them. This situation is particularly alarming for individuals who might be targeted for unwanted tracking or stalking, as it could allow malicious actors to exploit the AirTags without detection. While Apple has marketed these devices as a way to help users locate lost items, this vulnerability could undermine their intended purpose. Users and privacy advocates are urging Apple to address this issue to enhance the security features of the product.