Spyware Targeting iOS Devices via MITM Attacks and Zero Days

New spyware named "Predator" infecting iOS via MITM attacks and zero day vulnerabilities

Apple had announced to their customers the new patches for three zero-days, those were:

• CVE-2023-41991 (signature verification bypass),
• CVE-2023-41992 (local privilege escalation),
• CVE-2023-41993 (arbitrary code execution via malicious webpage).

Important to note that the mentioned vulnerabilities affected devices with running iOS versions before 16.7.

According to The University of Toronto’s Citizen Lab group and Google’s Threat Analysis Group, the vulnerabilities were chained and targeted towards Ahmed Altantawy (leading opposition politican in Egypt).

Risk Factor

Government:

• Large and medium government entities: HIGH
• Small government: MEDIUM

Businesses:

• Large and medium business entities: HIGH
• Small business entities: MEDIUM
• Home Users: LOW

What is there to learn?

Like I always say, education is the most important thing you have to keep chasing consistently.

My advice is to not be arrogant thinking "I don't need to update my software, everything is working well!" and just update your devices to the latest version.

Now, not all of us are high-ranked politicians, but there are only benefits to updating software and securing yourself from vulnerabilities that I've mentioned.

Follow Eman ?ati? for more news!