New Technique Can Fool iPhone Users About Lockdown Mode and Carry Out Covert Attacks
DPRK's Andariel targeted anti-aircraft laser data, CISA warns of severe Adobe ColdFusion flaw, Wyden warns of smartphone push notification spying, SpyLoad apps downloaded 12m+ times, much more
If you have any funds to spend before your year-end budget runs out, consider becoming a paid subscriber to Metacurity. We need your support to continue providing our daily newsletter. Thank you!
Researchers at Jamf Threat Labs report that a new "post-exploitation tampering technique" can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it's not and carry out covert attacks.
Lockdown Mode, introduced by Apple last year with iOS 16, is an enhanced security measure that aims to safeguard high-risk individuals from sophisticated digital threats such as mercenary spyware by minimizing the attack surface. But Lockdown mode has no safeguards to stop the malware from running in the background.
The new technique aims to implement Fake Lockdown Mode on a device that an attacker compromises through other means, such as unpatched security flaws that can trigger the execution of arbit…