Apple announces that it filed a lawsuit against NSO Group responsible for Pegasus software used to infiltrate iPhones of journalists and activists.

Apple also announced a $10 million contribution to support cybersurveillance researchers and advocates

Apple Newsroom

Apple claims that FORCEDENTRY exploit is currently fixed and only small number of people were affected by it. However, these were targeted attacks and, therefore, damage was significant.

iOS 15 includes a number of new security protections, including significant upgrades to the BlastDoor security mechanism. While NSO Group spyware continues to evolve, Apple has not observed any evidence of successful remote attacks against devices running iOS 15 and later versions. Apple urges all users to update their iPhone and always use the latest software.

Apple Newsroom

Apple also announced that it will notify users of ongoing attacks.

If Apple discovers activity consistent with a state-sponsored attack, we notify the targeted users in two ways:
– A Threat Notification is displayed at the top of the page after the user signs into appleid.apple.com.
– Apple sends an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple ID.

Apple Support

Apple Newsroom: Apple sues NSO Group to curb the abuse of state-sponsored spyware

Apple Support: About Apple threat notifications and protecting against state-sponsored attacks

Reference: Apple Aims to Cut Down on Spyware With Lawsuit Against NSO Group, Apple Sues NSO Group, Apple’s Own Announcement of Their Lawsuit Against NSO Group, Apple Outlines How It Will Notify Users Who Have Been Targeted by State-Sponsored Spyware Attacks

Recommendations

Developer:

Business as usual.

QA engineer:

Business as usual.

PM/DM:

Recommend users to update to latest iOS releases, notify regarding threat notifications if needed.

Leave a comment

Leave a Reply