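"On Monday, Apple confirmed that the files included a zero-day exploit against iOS and MacOS. They designated the FORCEDENTRY exploit CVE-2021-30860 and described it as 'processing a maliciously crafted PDF may lead to arbitrary code execution.'"
It seems this was not a simple version update; its main content was a security update.
This appears to be the first large-scale point-fix update for Big Sur.
Bug fixes, a T2 BridgeOS update, an M1 firmware update, the Full Installer and the M1 IPSW were released at the same time.
Big Sur 11.6 (20G1650) is provided only as an App Store update, not as a distribution build.
If you have not updated Big Sur yet, do it soon. ^^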
FORCEDENTRY
NSO Group iMessage Zero-Click Exploit Captured in the Wild
September 13, 2021
Devices affected by CVE-2021-30860 per Apple: All iPhones with iOS versions prior to 14.8, All Mac computers with operating system versions prior to OSX Big Sur 11.6, Security Update 2021-005 Catalina, and all Apple Watches prior to watchOS 7.6.2.

Discovery
In March 2021, we examined the phone of a Saudi activist who has chosen to remain anonymous, and determined that they had been hacked with NSO Group’s Pegasus spyware. During the course of the analysis we obtained an iTunes backup of the device. Recent re-analysis of the backup yielded several files with the “.gif” extension in Library/SMS/Attachments that we determined were sent to the phone immediately before it was hacked with NSO Group’s Pegasus spyware.

Payload
The files were:
Discovery and Disclosure
Because the format of the files matched two types of crashes we had observed on another phone when it was hacked with Pegasus, we suspected that the “.gif” files might contain parts of what we are calling the FORCEDENTRY exploit chain. Citizen Lab forwarded the artifacts to Apple on Tuesday, September 7. On Monday, September 13, Apple confirmed that the files included a zero-day exploit against iOS and MacOS. They designated the FORCEDENTRY exploit CVE-2021-30860, and describe it as “processing a maliciously crafted PDF may lead to arbitrary code execution.” The exploit works by exploiting an integer overflow vulnerability in Apple’s image rendering library (CoreGraphics). We are publishing limited technical information about CVE-2021-30860 at this time.

Attribution to NSO Group
We observed multiple distinctive elements that allowed us to make a high-confidence attribution to NSO Group:
SELECT "CASCADEFAIL" FROM ZLIVEUSAGE WHERE ZLIVEUSAGE.ZHASPROCESS NOT IN (SELECT Z_PK FROM ZPROCESS);
Previous NSO Zero-Click Exploits
FORCEDENTRY is the latest in a string of zero-click exploits linked to NSO Group. In 2019, WhatsApp fixed CVE-2019-3568, a zero-click vulnerability in WhatsApp calling that NSO Group used against more than 1400 phones in a two-week period during which it was observed, and in 2020, NSO Group employed the KISMET zero-click iMessage exploit. To our knowledge, the KISMET vulnerability was never publicly identified, though we suspect that the underlying vulnerability (if it still exists) can no longer be exploited via iMessage due to Apple’s introduction of the BlastDoor mitigation in iOS14. We suspect that NSO Group developed FORCEDENTRY, which circumvents BlastDoor, in response to this mitigation.

Conclusion
Despite promising their customers the utmost secrecy and confidentiality, NSO Group’s business model contains the seeds of their ongoing unmasking. Selling technology to governments that will use the technology recklessly in violation of international human rights law ultimately facilitates discovery of the spyware by investigatory watchdog organizations, as we and others have shown on multiple prior occasions, and as was the case again here. In 2016, we titled our report on the discovery of an iOS and MacOS Apple zero-day the “Million Dollar Dissident.” The title was chosen to reflect the huge sums that autocratic governments are willing to pay to hack their critics. Mercenary spyware companies devote substantial resources to identifying software vulnerabilities on widely used applications and then package those exploits to eager government clients, creating a highly lucrative but widely abused commercial surveillance marketplace. Our latest discovery of yet another Apple zero day employed as part of NSO Group’s arsenal further illustrates that companies like NSO Group are facilitating “despotism-as-a-service” for unaccountable government security agencies.
Regulation of this growing, highly profitable, and harmful marketplace is desperately needed.
Our finding also highlights the paramount importance of securing popular messaging apps. Ubiquitous chat apps have become a major target for the most sophisticated threat actors, including nation state espionage operations and the mercenary spyware companies that service them. As presently engineered, many chat apps have become an irresistible soft target. Without intense engineering focus, we believe that they will continue to be heavily targeted, and successfully exploited.

Acknowledgements
We thank the targets of Pegasus spyware that have allowed us to analyze their devices, with a special thanks to the individual that worked with us on this case. It is thanks to them, and their bravery, that we were able to make this discovery. Special thanks to all at Apple for quick and responsive action. Thanks to our Citizen Lab colleagues for feedback and editing. Thanks to TNG.
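
The SQL query quoted in the post flags ZLIVEUSAGE rows whose ZHASPROCESS value matches no Z_PK in ZPROCESS. As an added example (not part of the original post or the quoted report), here is the same integrity check as a Python script that reports which rows dangle and opens a database copy read-only; the two-table schema and sample rows are constructed and hold only the columns the query names, and `open_readonly`, `find_orphaned_usage` and `build_constructed_sample` are hypothetical helper names.

```python
import sqlite3
from pathlib import Path

# Same condition as the quoted query, written as a LEFT JOIN so that each
# dangling reference is returned with its row key instead of a marker string.
ORPHAN_QUERY = """
SELECT u.Z_PK, u.ZHASPROCESS
FROM ZLIVEUSAGE AS u
LEFT JOIN ZPROCESS AS p ON p.Z_PK = u.ZHASPROCESS
WHERE u.ZHASPROCESS IS NOT NULL AND p.Z_PK IS NULL
ORDER BY u.Z_PK
"""


def open_readonly(path):
    """Open an extracted database copy read-only so the evidence is not altered."""
    uri = Path(path).resolve().as_uri() + "?mode=ro"
    return sqlite3.connect(uri, uri=True)


def find_orphaned_usage(conn):
    """Return (ZLIVEUSAGE.Z_PK, missing ZPROCESS key) for every dangling row."""
    return conn.execute(ORPHAN_QUERY).fetchall()


def build_constructed_sample():
    """Constructed in-memory sample; not taken from any real device."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE ZPROCESS (Z_PK INTEGER PRIMARY KEY);
        CREATE TABLE ZLIVEUSAGE (Z_PK INTEGER PRIMARY KEY, ZHASPROCESS INTEGER);
        INSERT INTO ZPROCESS VALUES (1), (2);
        -- Rows 12 and 14 point at process 7, which has no ZPROCESS entry.
        -- Row 13 has no process reference at all and must not be flagged.
        INSERT INTO ZLIVEUSAGE VALUES (10, 1), (11, 2), (12, 7), (13, NULL), (14, 7);
    """)
    return conn


if __name__ == "__main__":
    for usage_pk, missing in find_orphaned_usage(build_constructed_sample()):
        print(f"ZLIVEUSAGE row {usage_pk} references missing ZPROCESS {missing}")
```
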