InfoSecBulletin Cybersecurity for mankind
This week, Apple notified several individuals it believes were targeted by government spyware, according to two of those individuals. As of Wednesday, only two people have reported receiving notifications from Apple this week.
Ciro Pellegrino, an Italian journalist for Fanpage, reported receiving an email and text from Apple on Tuesday informing him that he was targeted with spyware. He also noted that he wasn’t the only one affected.
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code
“Today’s notification is being sent to affected users in 100 countries,” the message read, according to Pellegrino’s article.
“Did this really happen? Yes, it is not a joke,” Pellegrino wrote.
The second person to receive an Apple notification is Eva Vlaardingerbroek, a Dutch right-wing activist who posted on X on Wednesday.
“Apple detected a targeted mercenary spyware attack against your iPhone,” the Apple alert said, according to a screenshot shown in a video that Vlaardingerbroek posted on X. “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.”
Reacting to the notification, Vlaardingerbroek said that this was an “attempt to intimidate me, an attempt to silence me, obviously.”
It’s not yet clear what spyware campaign, if known, the Apple notifications relate to. Apple has notified users across dozens of countries on two occasions last year that they were targeted by unspecified spyware.
Apple did not immediately respond to a request for comment.
Pellegrino is the second Italian journalist this year to have been notified of being a target of this type of spyware, which is sometimes also referred to as “mercenary” spyware, given that it is often developed by companies who then sell the technology to governments.
In February, WhatsApp notified Pellegrino’s Fanpage colleague Francesco Cancellato that the company “interrupted the activities of a spyware company which we believe attacked your device.”
In Cancellato’s case, WhatsApp stated that the spyware was created by Paragon Solutions, an Israeli company. Citizen Lab, a digital rights organization with over a decade of experience in investigating spyware, is also looking into these attacks on WhatsApp users.
TechCrunch reported, after Cancellato spoke up, two more Italians from Mediterranea Saving Humans, an NGO that aids immigrants, also reported being targeted by Paragon.
Paragon reportedly cut ties with its Italian government customer following these revelations.
