Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari
Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild.
This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation that has been active since 2019. The exact threat actor behind the activity is not known.
ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks
The North Korean threat actor known as ScarCruft has been observed using an information-stealing malware with previously undocumented wiretapping features as well as a backdoor developed using Golang that exploits the Ably real-time messaging service.
New Report Exposes Operation Triangulation’s Spyware Implant Targeting iOS Devices
More details have emerged about the spyware implant that’s delivered to iOS devices as part of a campaign called Operation Triangulation.
Startup Security Tactics: Friction Surveys
When we do quarterly planning, my team categorizes our goals within four evergreen outcomes:
- Reduce the risk of information security incidents…
Chinese Hacker Group ‘Flea’ Targets American Ministries with Graphican Backdoor
Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023.