SecureMac, Inc.

Checklist 343: Pegasus and Wonderlust

September 14, 2023

This week we discuss Apple resuming their efforts to battle pegasus, urgent security updates, and what went down at Apple’s Wonderlust event.

Checklist 343: Pegasus and Wonderlust

Apple Resumes Battle Against Pegasus Spyware: A Recap

Apple intensifies efforts to combat the notorious Pegasus spyware developed by NSO Group, reigniting a longstanding battle against digital surveillance.

  • Pegasus, not to be confused with the mythical winged horse, is a highly invasive spyware created by the NSO Group, marketed primarily to law enforcement and intelligence agencies worldwide.
  • NSO Group asserts Pegasus is designed solely for crime and terrorism prevention, but critics argue that it facilitates authoritarian regimes’ repression.
  • A 2021 report by The Guardian revealed that Pegasus was being used to target human rights activists, journalists, and lawyers across the globe.

Apple’s Response

  • In 2021, Apple condemned cyberattacks on journalists and activists while emphasizing the security of its iPhones, though acknowledging they weren’t impervious to Pegasus.
  • Pegasus could infect iPhones through various methods, including 0-click iMessage exploits.

Targeted Attacks

  • Apple attempted to reassure the majority of its users by emphasizing that tools like Pegasus were typically used in targeted attacks and were not a threat to the average user, unless they encountered individuals in power or those challenging authority who faced blackmail, harassment, or worse.

Lockdown Mode

  • Apple introduced Lockdown Mode as a groundbreaking security feature designed to protect users susceptible to highly targeted cyberattacks.
  • Lockdown Mode restricts various smartphone functionalities, such as blocking or disabling file sharing, web technologies, and service requests.
  • Apple filed a lawsuit against NSO Group in late 2021, seeking to ban further harm to individuals using Apple’s products and services.
  • The lawsuit aimed to address NSO Group’s alleged violations of US federal and state law and its efforts to target Apple and its users.

Apple’s Philanthropy

  • Despite its massive market capitalization, Apple pledged $10 million to support Citizen Lab and Amnesty Tech, organizations that exposed NSO Group’s exploits.
  • Apple also promised to donate any winnings from the lawsuit to organizations dedicated to cybersurveillance research and advocacy, in addition to offering technical assistance pro bono.

Ongoing Struggle

  • Despite Apple’s efforts, the battle against Pegasus spyware continues, as the tech giant remains committed to protecting user privacy and security against digital surveillance threats.

Apple Issues Urgent Security Updates to Counteract NSO Group’s Pegasus Spyware Exploitation

Vulnerabilities exploited in ongoing military conflict between Armenia and Azerbaijan

September 14, 2023 – In a recent turn of events, Apple has released a series of security updates aimed at countering the exploitation of zero-day vulnerabilities actively used by NSO Group’s notorious Pegasus spyware. These vulnerabilities were revealed to have been employed in a military conflict between Armenia and Azerbaijan, targeting journalists, human rights advocates, a United Nations official, and civil society members in Armenia.

Recent Developments

  • Three months ago, The Guardian reported the first known case of NSO Group’s spyware being employed in a military conflict. The hacking campaign, which spanned from October 2020 to December 2022, was closely linked to the Armenia-Azerbaijan conflict.
  • Last week, Apple swiftly responded by releasing iOS and iPadOS 16.6.1, watchOS 9.6.2, and macOS 13.5.2 updates. These updates addressed vulnerabilities in ImageIO and the Wallet app.
  • Apple’s decision to issue these urgent updates, just weeks before the expected major fall releases, raised concerns about the severity of the vulnerabilities. Apple acknowledged reports that these vulnerabilities had been actively exploited.
  • Citizen Lab, an internet watchdog group that has previously exposed Pegasus, identified a zero-click vulnerability tied to ImageIO, which had been patched by Apple. The second vulnerability tied to Wallet was also discovered by Apple during its investigation.
  • These vulnerabilities were part of an exploit chain designed to deliver NSO Group’s Pegasus malware. Zero-click exploits, like these, are particularly dangerous as they don’t require any action from the targeted user, making them highly effective.
  • Notably, the initial security updates were only available for devices running the latest operating systems, leaving concerns for users with older hardware who may also be potential targets of Pegasus.
  • Apple addressed this issue by releasing iOS and iPadOS 15.7.9, macOS Monterey 12.6.9, and macOS Big Sur 11.7.10 updates, extending protection to users with older devices.

In response to these developments, Apple has taken proactive measures to safeguard its users against Pegasus spyware. These updates are crucial in the ongoing battle to protect individuals and organizations from state-sponsored cyberattacks.

Apple’s Wonderlust Event Highlights Safety, Privacy, and Convenience

In its annual iPhone and Apple Watch showcase, Apple, in an event named “Wonderlust,” put a spotlight on safety, privacy, and some intriguing new features. While security took a back seat, the event began with heartwarming celebrations of individuals whose lives were saved by Apple technology.

Life-Saving Technologies Steal the Show

Apple’s event kicked off with touching stories of people rescued by Apple’s Emergency SOS via Satellite, Crash Detection, and heart-monitoring technology. These stories resonated emotionally, even causing some attendees to shed tears.

Enhanced On-Device Siri Processing for Privacy

Apple announced that its latest Apple Watch models would have the capability to process Siri requests on-device, without relying on Wi-Fi or cellular networks. This move aims to provide quicker and more reliable responses while bolstering privacy. Users can now use Siri to access data from the Health app for health- and fitness-related queries, ensuring sensitive information remains secure.

Roadside Assistance via Satellite

Building upon its satellite infrastructure, Apple introduced Roadside Assistance via satellite in the U.S. for its iPhone 15 lineup. This feature allows users to connect to AAA, the country’s largest roadside assistance provider, even when cellular and Wi-Fi coverage is unavailable. It enables quick transmission of important information to dispatch help to the user’s precise location. While this service is initially free for two years, pricing details beyond that period remain undisclosed.

Display Brightness for Convenience and Privacy

Apple also unveiled the Apple Watch Series 9 and Apple Watch Ultra 2 with improved display brightness. In direct sunlight, the screen can brighten up to an impressive 2000 nits, making it easier to view notifications. However, the privacy-conscious will appreciate that in low-light settings, the display can drop to just one nit, minimizing disruption to those nearby. Apple emphasized its concern for user privacy and the potential for distractions in dark environments.

The Evolution of Safety and Security

The event hinted at how Apple’s ongoing technological advancements, such as better connectivity, improved battery life, and faster processors, contribute to increased safety and security for its users. As orders for the iPhone 15 lineup open on September 15, and shipments commence on September 22, consumers can anticipate a more advanced level of protection with the latest Apple devices.

Get the latest security news and deals