Featured Story
Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones
Apple has issued emergency security updates to fix two zero-day vulnerabilities exploited by NSO Group’s Pegasus spyware. CVE-2023-41061 affects Wallet and allows code execution via malicious attachments, while CVE-2023-41064 targets Image I/O and can be exploited via a malicious image in iMessage.
The flaws were used as part of the “BLASTPASS” exploit chain that enabled zero-click attacks on fully patched iPhones. Fixes are now available in iOS 16.6.1, iPadOS 16.6.1, macOS Ventura 13.5.2, and watchOS 9.6.2.
These vulnerabilities were exploited with zero user interaction and bypassed Apple’s BlastDoor framework. We recommend applying all relevant updates immediately across iOS, macOS, and watchOS devices. Our SOC can assist in mobile threat defense and device monitoring.
Other Stories
Malvertising Campaign Spreads Atomic Stealer macOS Malware
Attackers are using fake TradingView websites and Google Ads to trick users into downloading the macOS variant of Atomic Stealer (AMOS). The malware, priced at $1,000/month, is designed to steal files, passwords, and crypto wallets from macOS users.
Using non-Windows systems doesn’t make you immune to malware. We recommend:
- Only downloading software from verified sources
- Blocking ads and spoofed domains at the DNS level
- Deploying macOS endpoint protection
Contact us to launch an employee awareness campaign around malware and phishing.
Researchers Discover Critical Vulnerability in PHPFusion CMS
CVE-2023-2453 and CVE-2023-4480 affect PHPFusion versions 9.10.30 and earlier. The first allows remote code execution via a malicious file upload; the second enables reading or writing arbitrary files. No patches are available as of now.
Exploitation is difficult but not impossible. Until a patch is released:
- Restrict access to admin accounts
- Sanitize file uploads and monitor logs
- Inform users of potential risks
Our SOC can help monitor your CMS platform and secure vulnerable components.
API Vulnerabilities: 74% of Organizations Report Multiple Breaches
Traceable and the Ponemon Institute’s latest API security report shows that 74% of organizations have experienced three or more API-related breaches in the past two years. Major issues include API sprawl, inventory management, and lack of visibility.
APIs are often overlooked in traditional security reviews. We recommend:
- Testing APIs before public deployment
- Maintaining accurate API inventories
- Implementing API gateway security and WAFs
Approach’s SOC can help audit and secure your API infrastructure.
Beware: the “sextortion” scam is back!
Scammers are sending emails claiming to have compromising footage of victims and demanding payment to avoid exposure. These emails are hoaxes designed to prey on fear and shame.
Tips:
- Never respond to or pay scammers
- Forward messages to:
  - verdacht@safeonweb.be
  - suspect@safeonweb.be
  - suspicious@safeonweb.be
Our SOC can assist in verifying and handling scam threats.