Spyware zero-days and MFA iPhone bomb attacks – week highlights

March 30, 2024
1 min read

TLDR:

Key points:

  • Vulnerability in Apple’s Silicon M-series chips discovered by academic researchers.
  • Chinese state-backed hacking group, APT 31, used family members to surveil targets.
  • MFA bombing attacks targeting Apple users reported.
  • Recommendation for a US military cyber force made in a new report.
  • Google’s report on exploited zero-days in 2023 shows a rise fueled by spyware.
  • Facebook snooped on encrypted Snapchat traffic in 2016.

Article Summary:

This week’s Cyber Security Headlines – Week in Review featured various significant cybersecurity events. Academic researchers discovered a vulnerability in Apple’s Silicon M-series chips that cannot be patched, leading to potential security risks for Apple users. The Chinese state-backed hacking group, APT 31, used unconventional tactics, such as targeting family members of actual targets, to conduct surveillance. Additionally, Apple users reported MFA bombing attacks, highlighting issues with the company’s password reset feature. A new report called for the creation of a US military cyber force to improve cybersecurity efforts. Google released a report showing a rise in exploited zero-days in 2023, fueled by spyware activities. The article also detailed how Facebook, then known as Facebook, had conducted surveillance on encrypted Snapchat traffic in 2016, raising privacy concerns. These events underscore the ongoing challenges and threats faced in the cybersecurity landscape.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and