from Pro@programming.dev to cybersecurity@sh.itjust.works on 11 Sep 21:59
https://programming.dev/post/37282283
cross-posted from: programming.dev/post/37271383
Translated and Republished under Open License, V2.0. Originally published in CERT-FR as Threat and Incident Report.
Since 2021, Apple has run notification campaigns warning individuals targeted by spyware attacks.
These tools, such as Pegasus, Predator, Graphite or Triangulation, are particularly sophisticated and difficult to detect.
These complex attacks target individuals because of their status or function: journalists, lawyers, activists, politicians, senior officials, members of management committees in strategic sectors, etc.
Receiving a notification means that at least one of the devices linked to the iCloud account has been targeted and is potentially compromised.
The notification takes the form of an iMessage and an alert email from Apple (sent from threat-notifications[at]email.apple.com or threat-notifications[at]apple.com), and an alert is also displayed when signing in to the iCloud account. The delay between the compromise attempt and the notification varies, but is typically several months.
The notifications report highly sophisticated attacks, most of which exploit zero-day vulnerabilities or require no user interaction at all (zero-click).
The following best practices help protect a device against this type of attack:
- Update your devices to the latest version as soon as possible. Apple updates often fix vulnerabilities exploited by spyware;
- Enable automatic updates, including security updates;
- Separate personal and professional uses as much as possible, ideally by using different devices;
- Enable Lockdown Mode (Apple's English name for the feature rendered here as “Isolation Mode”) to harden your Apple devices;
- Restart your device regularly, ideally once a day; many of these implants are memory-resident and do not survive a reboot.
More generally, the following measures contribute to your good IT hygiene:
- Do not click on suspicious links or attachments;
- Set a strong, unique passcode;
- Use two-factor authentication whenever possible;
- Avoid installing unknown apps or apps from alternative app stores.
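The advisory names the two sender addresses used for Apple's alert email, and a phishing mail that imitates that notification is the obvious way to abuse it. The following is an added example, not code from CERT-FR or from the post above: it extracts the From: address of a message and accepts it only if it is exactly one of the two genuine senders, refusing to decide when the header carries more than one address-like token. The function names and the sample messages are constructed for this illustration.

```python
"""Added example, not part of the CERT-FR advisory or of the post above.

First triage step for a mail that claims to be an Apple threat notification:
extract the From: address and accept it only if it is exactly one of the two
senders named in the advisory. Headers that contain more than one
address-like token are treated as unverifiable, so a display name that
contains the genuine address cannot mask a different real sender.

Caveat: From: is trivially forged. A pass here is only a reason to look
further; the confirmation is the alert shown in the iCloud account itself.
"""
from email import message_from_string
from email.utils import parseaddr
from typing import Optional

# The two sender addresses given in the advisory (de-obfuscated from "[at]").
APPLE_THREAT_SENDERS = frozenset({
    "threat-notifications@email.apple.com",
    "threat-notifications@apple.com",
})


def sender_address(raw_message: str) -> Optional[str]:
    """Return the lower-cased From: address, or None if it is ambiguous.

    A header such as 'threat-notifications@apple.com <alerts@example.net>'
    carries two address-like tokens; which one parseaddr() returns differs
    between Python versions, so such headers are rejected rather than trusted.
    """
    msg = message_from_string(raw_message)
    header = msg.get("From", "")
    if header.count("@") != 1:
        return None
    _display_name, addr = parseaddr(header)
    if not addr or "@" not in addr:
        return None
    # Simplification: lower-case the whole address. The domain part is
    # case-insensitive; the local part formally is not, but Apple's senders
    # are given in lower case in the advisory.
    return addr.strip().lower()


def is_apple_threat_sender(raw_message: str) -> bool:
    """True only when the From: address is exactly one of Apple's senders.

    Exact set membership (no substring or suffix matching) rejects look-alike
    domains such as 'email.apple.com.example' or 'apple-notifications.com'.
    """
    addr = sender_address(raw_message)
    return addr is not None and addr in APPLE_THREAT_SENDERS


# Constructed sample messages; only the headers matter for this check.
GENUINE = (
    "From: Apple <threat-notifications@email.apple.com>\n"
    "To: user@example.org\n"
    "Subject: Threat notification (constructed sample)\n"
    "\n"
    "constructed body\n"
)

LOOKALIKE_DOMAIN = (
    "From: Apple <threat-notifications@email.apple.com.example>\n"
    "Subject: Threat notification (constructed sample)\n"
    "\n"
    "constructed body\n"
)

DISPLAY_NAME_SPOOF = (
    'From: "Apple threat-notifications" <alerts@example.net>\n'
    "Subject: Threat notification (constructed sample)\n"
    "\n"
    "constructed body\n"
)

DOUBLE_ADDRESS = (
    "From: threat-notifications@apple.com <alerts@example.net>\n"
    "Subject: Threat notification (constructed sample)\n"
    "\n"
    "constructed body\n"
)


if __name__ == "__main__":
    for label, sample in [
        ("genuine", GENUINE),
        ("look-alike domain", LOOKALIKE_DOMAIN),
        ("display-name spoof", DISPLAY_NAME_SPOOF),
        ("two address tokens", DOUBLE_ADDRESS),
    ]:
        verdict = "ACCEPT" if is_apple_threat_sender(sample) else "REJECT"
        print(f"{label:20s} {str(sender_address(sample)):45s} {verdict}")
```

Run it as a script to see the four verdicts, or feed it the raw source of a received message (most mail clients offer "show original"). Only the genuine sample is accepted; the look-alike domain and the display-name spoof fail the exact match, and the header with two address tokens is refused outright instead of relying on whichever token the parser happens to prefer.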