Apple has released an immediate software update for its devices, iOS 16.5.1, which should be downloaded promptly even if automatic updates are enabled. Receive Kurt’s free Cyberguy newsletter for expert security alerts, quick tips, tech reviews, and easy how-to’s to enhance your knowledge. This update addresses two critical security vulnerabilities actively exploited in real-world iPhone cyberattacks. Chaining these vulnerabilities together could grant a remote attacker complete control over a compromised device. The most recent iPhone update addresses these security flaws, as reported by CyberGuy.com.
So, what does Apple fix with these security updates? The fixes relate to the Kernel and WebKit components of the iOS operating system. The Kernel acts as the core of the system, managing hardware and software interactions. WebKit, on the other hand, powers the Safari browser on iOS devices. Both components had flaws that hackers could exploit to execute arbitrary code with kernel privileges or via malicious web content.
According to Kaspersky, the cybersecurity firm that alerted Apple to these issues, attackers utilized an invisible iMessage with a malicious attachment to deliver TriangleDB spyware through a zero-click attack. This spyware resides in a device’s memory and can pilfer various data, such as audio recordings, photos, videos, location history, contact information, browsing history, passwords, and more. The Invisible iMessage with the malicious attachment was the delivery mechanism for TriangleDB spyware in a zero-click attack, as reported by CyberGuy.com.
What’s alarming about TriangleDB spyware is its ability to infect and monitor iOS devices without any user interaction. This means that simply owning an iPhone is enough for the spyware to infiltrate the device, without the user having to click or interact with anything. This is particularly concerning for the Kernel, as hackers can compromise the core of the iOS operating system without any user input and potentially circumvent many security tools on the device. Once installed, the spyware can access and share audio recordings, photos, videos, location history, and more with the hacker. It can also steal contact information, browsing history, passwords, and other sensitive data.
Who has been targeted by these attacks, and should you be worried? Kaspersky discovered several dozen iPhones infected with this new spyware, including devices belonging to senior employees at the company itself. The primary targets thus far appear to be journalists, politicians, business executives, human rights activists, and other high-profile individuals. While average users may not be specific targets, it is still crucial to update iOS devices immediately with this new software.
So, how can you protect yourself against TriangleDB spyware? The most important action you can take right now is to promptly install the new iOS 16.5.1 update on your iOS devices. To do this, go to Settings, select General, and tap Software Update. If you haven’t updated your device yet, you should see the update available. Click “Install Now” to begin the update process, as illustrated on CyberGuy.com.
Another important step to protect yourself is to have antivirus software installed on all your devices. Regularly checking for updates can be challenging for some individuals, making antivirus software a valuable safeguard. It will prevent you from clicking on potential malicious links that may install malware on your device, granting hackers access to your personal information. Additionally, antivirus software can scan your device for malware and viruses, alerting you to any suspicious activity. CyberGuy.com/LockUpYourTech features my expert review of the best antivirus protection for Windows, Mac, Android, and iOS devices.
In conclusion, it is essential to regularly check for software updates on your devices. Companies like Apple release bug fixes to protect your privacy, so take advantage of these updates. It is unclear why Apple did not release iOS 16.5.1 as a Rapid Security Response update, which allows for immediate upgrades. It is possible they wanted to publicize the vulnerabilities to encourage more users to update. Regardless of the reason, it is our responsibility to remain vigilant against hackers who constantly seek to bypass security measures. Stay attentive, update your devices promptly, and safeguard your information from these criminals.
How frustrating is it to consistently update your iPhone for the sake of security due to vulnerabilities like these? Let us know by contacting us at CyberGuy.com/Contact. To access more security alerts, subscribe to my CyberGuy Report Newsletter for free at Cyberguy.com/Newsletter.
Copyright 2023 CyberGuy.com. All rights reserved. Kurt “CyberGuy” Knutsson is an award-winning tech journalist with a passion for technology, gear, and gadgets that enhance our lives. He contributes to Fox News & FOX Business, appearing on “FOX & Friends” in the mornings. Have a tech question? Join Kurt’s CyberGuy Newsletter, share your voice, story ideas, or comments at CyberGuy.com.
Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
