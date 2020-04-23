Experts Comments On iPhone’s Could Be Vulnerable To Email Software Hack

The Wall Street Journal has reported that sophisticated hackers may be attacking Apple Inc. iPhones by exploiting a previously unknown flaw in the smartphone’s email software.

ZecOps announced today that a few of its customers were targeted with two zero-day exploits for iOS last year. One of the vulnerabilities showed that it can be triggered remotely and another one requires an additional vulnerability to trigger it remotely.

Researchers said the vulnerabilities are widely exploited in the wild in targeted attacks by an advanced threat operator(s) to target executive management across multiple industries.

James McQuiggan, Security Awareness Advocate,  KnowBe4
April 23, 2020
This type of vulnerability is disturbing because it involves no action by the user.
This type of vulnerability is disturbing because it involves no action by the user, as they may not realize their smartphone is infected after an attack. While this vulnerability has been fixed in the developer's current beta versions, it is essential to get the patch out soon for end users to secure their devices from this exploit. Depending on the risk and confidentiality of an employee's email, ....
Josh Bohls, Founder,  Inkscreen
April 23, 2020
The silver lining in this case is Apple's apparent acknowledgement.
This disclosure highlights the fact that all apps and mobile platforms are vulnerable to hacks and intrusions. The silver lining in this case is Apple's apparent acknowledgement of the issue and quick action to address it now that the issue has come to light. Apple will always hold an advantage over Android in their centralized approach to software updates, although the rapid evolution of devices ....
Chris Clements, VP,  Cerberus Sentinel
April 23, 2020
The attack affects the built-in iOS Mail app but not other popular emails apps such as Outlook or Gmail.
These attacks on iOS devices have been exploited for over 2 years by nations states and professional hacking organizations and affect all versions of iOS since at least 2012. The attack affects the built-in iOS Mail app but not other popular emails apps such as Outlook or Gmail. You must assume that any attacker with enough ability or financial backing has access to sure-fire exploits that can tak ....
Christoph Hebeisen, Director, Security Intelligence Research,  Lookout
April 23, 2020
Surveillance tooling using such exploits is available for sale and, in some cases, as a service by third parties.
As we have seen in the past, sophisticated attacks on high value - or high profile - targets aim to leverage exploit chains starting with a one-click or zero-click attack to increase their chances of success. Surveillance tooling using such exploits is available for sale and, in some cases, as a service by third parties. The rising prevalence of such attacks indicates that attackers are becoming i ....
