Apple® Issues Patch to Fix Spyware Vulnerability

Publish Date

Type

Cyber Alert

Topics
  • Cybersecurity
  1. Insights
  2. Apple® Issues Patch to Fix Spyware Vulnerability

A vulnerability has been discovered in Apple® products that enables the installation of unauthorized software without the user's permission. The vulnerability is actively used to install Pegasus spyware on devices, allowing user activities to be surveilled by an external party. The spyware has been discovered in use on the phones of activists, dissidents, journalists, and others. Now exposed, others may use this vulnerability for criminal purposes.

Apple has released updates to its operating system software in response to the discovered vulnerability. Upgrades are available for the iPhone, iPad, Apple Watch, and Mac computer.

ACA guidance

The existence of this zero-click vulnerability makes it likely to be exploited by others, and anyone can effectively be a target. As such, ACA recommends taking the following precautionary measures:

  • Urgently apply the operating system updates to all Apple devices.
  • Use a mobile device management system to enforce upgrades of software, monitor software upgrade status, and ensure secure configuration of mobile devices.
  • Strongly encourage third-party service providers to apply this update to their systems.

How we help

ACA Aponix® offers the following solutions that can help your firm stay in compliance with federal and state regulatory requirements, and enhance its cybersecurity in general.

Download our Aponix Protect cybersecurity solution brochure.

If you have any questions, please contact your ACA Aponix consultant or contact us here.

Join us for a live webcast

Cybersecurity Budgets, Investments, and Initiatives

 

 

Cybersecurity and risk management leadership are gearing up for their budget season. To help you prepare, we are hosting an open discussion and Q&A session to review peer trends for cybersecurity budgets, investments, and initiatives as you head into next year. Register

This is the first in a monthly series of fireside chats to help CISOs and IT professionals gear up for 2022. Be on the lookout for invitations to our future webcasts.

Related insights

cyber lock

Critical Vulnerability Detected in Palo Alto Networks' GlobalProtect Gateways

A popular firewall used in the financial industry is under attack due to a critital zero-day vulnerability. Firms that use Palo Alto Networks' firewall need to update their software to protect their systems.

Cyber Alert
  • Cybersecurity
abstract image with a lock and shield

Two Important Cybersecurity Alerts from CISA

The Cybersecurity and Infrastructure Security Agency (CISA) issued two advisories that require impacted firms to take immediate action.

Cyber Alert
  • Cybersecurity
lock

Cybersecurity Benchmarking Survey Lists Top Concerns and Preparedness Among Respondents

Our annual survey in partnership with NSCP reveals that investment firms overlook AI as a cybersecurity risk and remain wary about SEC cybersecurity enforcement and compliance with new rules

Press Release
  • Cybersecurity
  • Cybersecurity Resources
  • ACA News