In a recent development, the Cabinet Division has issued a critical Cyber Security Advisory, revealing that Apple iPhones are under siege from the notorious Pegasus spyware, unleashed through a vulnerability known as the Blast Pass Exploit. This exploit gains access to iPhones via the iMessage feature, utilizing two specific vulnerabilities (CVE-2023-41061 and CVE-2023-41064), making it a zero-click, zero-day malware.
What’s particularly concerning is that Blast Pass can infiltrate even the latest Apple iOS version (16.6) without any user interaction. In response, Apple has promptly issued an advisory to safeguard iPhone users.
To protect themselves, Apple users are urged to take specific safety steps, including upgrading to the latest iOS version (16.6.1 or higher), enabling lockdown mode for maximum protection, and disabling the iMessage feature. In addition to these specific measures, there are general security steps advised for all Apple users. These include using strong passcodes and two-factor authentication for Apple ID, downloading apps exclusively from the official Apple Store, adopting anonymity-based solutions when browsing the internet, disabling location services on Apple devices, subscribing to Apple’s security bulletins and threat notifications, and avoiding phone usage in sensitive locations or during important meetings.
The alert also highlights the importance of staying vigilant against the threat of Pegasus spyware and other cyberattacks, emphasizing the need for a proactive approach to cybersecurity in an era where digital threats continue to evolve.