DigitalCIO
No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
Digitalcio
No Result
View All Result
Home Tech News

iPhone hardware feature vital in Operation Triangulation case

DigitalCIO Bureau by DigitalCIO Bureau
January 2, 2024
in Tech News
0
iPhone hardware feature vital in Operation Triangulation case
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Kaspersky’s Global Research and Analysis Team (GReAT) has unveiled a previously unknown hardware feature in Apple iPhones, pivotal to the Operation Triangulation campaign. The team presented this discovery at the 37th Chaos Communication Congress in Hamburg.

Kaspersky’s GReAT team discovered a vulnerability in Apple System on a chip, or SoC, that has played a critical role in the recent iPhone attacks, known as Operation Triangulation, allowing attackers to bypass the hardware-based memory protection on iPhones running iOS versions up to iOS 16.6.

The discovered vulnerability is a hardware feature, possibly based on the principle of “security through obscurity,” and may have been intended for testing or debugging. Following the initial 0-click iMessage attack and subsequent privilege escalation, the attackers leveraged this hardware feature to bypass hardware-based security protections and manipulate the contents of protected memory regions. This step was crucial for obtaining full control over the device. Apple addressed the issue, identified as CVE-2023-38606.

As far as Kaspersky is aware, this feature was not publicly documented, presenting a significant challenge in its detection and analysis using conventional security methods. GReAT researchers engaged in extensive reverse engineering, meticulously analyzing the iPhone’s hardware and software integration, particularly focusing on the Memory-Mapped I/O, or MMIO, addresses, which are critical for facilitating efficient communication between the CPU and peripheral devices in the system. Unknown MMIO addresses, used by the attackers to bypass the hardware-based kernel memory protection, were not identified in any device tree ranges, presenting a significant challenge. The team had to also decipher the intricate workings of the SoC and its interaction with the iOS operating system, especially regarding memory management and protection mechanisms. This process involved a thorough examination of various device tree files, source codes, kernel images, and firmware, in a quest to find any reference to these MMIO addresses.

“This is no ordinary vulnerability. Due to the closed nature of the iOS ecosystem, the discovery process was both challenging and time-consuming, requiring a comprehensive understanding of both hardware and software architectures. What this discovery teaches us once again is that even advanced hardware-based protections can be rendered ineffective in the face of a sophisticated attacker, particularly when there are hardware features allowing to bypass these protections,” comments Boris Larin, Principal Security Researcher at Kaspersky’s GReAT.

“Operation Triangulation” is an Advanced Persistent Threat (APT) campaign targeting iOS devices, uncovered by Kaspersky earlier this summer. This sophisticated campaign employs zero-click exploits distributed via iMessage, enabling attackers to gain complete control over the targeted device and access user data. Apple responded by releasing security updates to address four zero-day vulnerabilities identified by Kaspersky researchers: CVE-2023-32434, CVE-2023-32435, CVE-2023-38606, and CVE-2023-41990. These vulnerabilities impact a broad spectrum of Apple products, including iPhones, iPods, iPads, macOS devices, Apple TV, and Apple Watch. Kaspersky also informed Apple about the exploitation of the hardware feature, leading to its subsequent mitigation by the company.

To avoid falling victim to a targeted attack by a known or unknown threat actor, Kaspersky researchers recommend implementing the following measures:

  • Update your operating system, applications, and antivirus software regularly to patch any known vulnerabilities.
  • Provide your SOC team with access to the latest threat intelligence (TI). The Kaspersky Threat Intelligence Portal is a single point of access for the company’s TI, providing cyberattack data and insights gathered by Kaspersky spanning over 20 years.
  • Upskill your cybersecurity team to tackle the latest targeted threats with Kaspersky online training developed by GReAT experts.
  • For endpoint level detection, investigation, and timely remediation of incidents, implement EDR solutions such as Kaspersky Endpoint Detection and Response.
  • Investigate alerts and threats identified by security controls with Kaspersky’s Incident Response and Digital Forensics services to gain deeper insights.
Tags: GReATKaspersky
Share30Tweet19
DigitalCIO Bureau

DigitalCIO Bureau

Recommended For You

Nvidia working on customized version of its H20 chip for China

by DigitalCIO Bureau
May 10, 2025
0
Nvidia working on customized version of its H20 chip for China

Nvidia intends to release a modified version of its H20 artificial intelligence chip for China within two months, reported Reuters citing sources. This will allow Nvidia to circumvent...

Read moreDetails

Wipro names Sandeep Dhar as Global Head of its GCC Practice

by DigitalCIO Bureau
May 9, 2025
0
Wipro names Sandeep Dhar as Global Head of its GCC Practice

Wipro Limited has announced the appointment of Sandeep Dhar as Global Head of its Global Capability Center (GCC) practice. Sandeep brings over 30 years of experience in the...

Read moreDetails

Responsive Report: AI Agents Drive Revenue Growth For Global B2B Enterprises

by DigitalCIO Bureau
May 9, 2025
0
CISOs Need to Champion AI TRiSM to Improve AI Results

Responsive, the global leader in AI-powered Strategic Response Management (SRM) software, in partnership with the Association of Proposal Management Professionals (APMP), today released its 2025 State of Strategic...

Read moreDetails

HCLTech Join Hands With CareAR And ServiceNow To Launch AR- Based IT Infrastructure Solution

by DigitalCIO Bureau
May 9, 2025
0
HCLTech Join Hands With CareAR And ServiceNow To Launch AR- Based IT Infrastructure Solution

HCLTech has launched an augmented reality (AR)-based infrastructure management solution in collaboration with CareAR and ServiceNow to enhance IT operations with augmented intelligence, real-time remote assistance and automation-driven workflows. HCLTech is...

Read moreDetails

Japanese users targeted in new phishing attack

by DigitalCIO Bureau
May 9, 2025
0
Phishing emails using Adobe InDesign on the rise, Barracuda Threat Spotlight reveals

Cybersecurity firm Proofpoint points to a new phishing attack called CoGUI that is primarily targeting Japanese companies and has a financial motive. Japanese authorities have recently warned of...

Read moreDetails
Next Post
Wi-Fi 7 and Standard Power 6 GHz to Boost Wi-Fi Infrastructure Market

Wi-Fi 7 and Standard Power 6 GHz to Boost Wi-Fi Infrastructure Market

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

Covid-19 disruption creates market boom for IoT, connected tech

June 1, 2020
F5 BIG-IP Next for Kubernetes deployed on NVIDIA BlueField-3 DPUs

F5 BIG-IP Next for Kubernetes deployed on NVIDIA BlueField-3 DPUs

October 24, 2024

Gartner Survey Finds Only 12% of Infrastructure & Operations Leaders Exceed CIO Performance Expectations

December 6, 2023

Browse by Category

  • Acquisition
  • Appointment
  • Archive
  • Artificial Intelligence
  • CIO Interviews
  • Cloud
  • Datacenter
  • Events and Conferences
  • Market Insights
  • News
  • Opinion and Analysis
  • Products
  • Resources
  • Security
  • Storage
  • Tech News
  • Telecom
Digitalcio

Welcome to DigitalCIO, your ultimate source for staying ahead in the ever-evolving world of technology and business.

BROWSE BY TAG

Acquisition AI Appointment artificial intelligence Artificial Intelligence and Machine Learning AWS Big Data and Analytics Blockchain CISCO Cloud Computing Cloudflare Commvault CrowdStrike Cybersecurity Dell Technologies Digital Transformation Dynatrace E-books Fortinet Gartner GenAI Generative AI Google Cloud Honeywell IBM Infographics Internet of Things (IoT) Kaspersky Kyndryl Microsoft Netskope Nutanix Palo Alto Networks Panel Discussion Qlik Salesforce Schneider Electric ServiceNow Sophos Tenable Veeam Veeam Software Vertiv Webinars Whitepaper

CATEGORIES

  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
  • Archive

NAVIGATION

  • Home
  • About Us
  • Advertise with Us
  • Contact Us

© 2024 digitalcio.in - All rights reserved.

No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources

© 2024 digitalcio.in - All rights reserved.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?