Apple flaws put company networks at risk

Plus, Zoom patches and repatches, while Twitter tests a new feature.

Last week, Apple found two zero-day vulnerabilities in both iOS 15.6.1 and iPadOS 15.6.1 that hackers may have actively exploited to gain access to corporate networks, according to at least one report. The first vulnerability enables a hacker to execute arbitrary code with kernel privileges, and the second works with maliciously crafted web content to execute arbitrary code. Each flaw gives an attacker remote access to the device, which these days is typically used for both personal and professional needs. 

The increase in hybrid work situations has driven hackers to start targeting Apple devices more than ever before. “There are more than one billion active iPhone users,” commented Avast Security Evangelist Luis Corrons. “Add to that the number of iPad users, and put in the mix that we are not talking about cheap devices. These targets are really juicy, so exploits that compromise iOS and iPadOS are in high demand. Just remember the Pegasus case, which was used to compromise devices from journalists, politicians, etc. We’ll definitely be seeing more attacks on iPhones and iPads in the future.” To read more on this story, see VentureBeat.

Ex-Apple staffer pleads guilty to stealing secrets

Xiaolang Zhang pled guilty this week to a 2018 charge by the FBI that he stole trade secrets from Apple’s autonomous vehicle project. Zhang was hired by Apple in 2015, and by 2018 he was designing and testing circuit boards for sensors on the secretive car project’s Compute Team. Apple suspected Zhang might be stealing trade secrets when he took a trip to China on paternity leave, then returned to say he was resigning to move permanently to China, where he would work for Xmotors, a leading Chinese electric vehicle company. He faces up to 10 years in prison and a $250,000 fine. Read more at CNBC.

Twitter tests new label for accounts with verified phone numbers

Twitter is under fire for several reasons, including whistleblower testimony from former Twitter security chief Peiter ‘Mudge’ Zatko that there are far more bots on the platform than the company leads the public to believe. Against that backdrop, an engineer named Jane Manchun Wong has tweeted that Twitter is working on a special label for accounts that have verified phone numbers. The hope is that the label will help users tell which accounts are being run by real people. Twitter lets users have the same phone number associated with up to 10 accounts. Wong also tweeted that the platform is working on showing tweet view count, though it’s unclear as of yet if this will be viewable only to the tweet’s author. See The Verge for more on this story.

Zoom patches twice in the same week

Just days after Zoom patched a vulnerability for its Mac users that allowed bad actors root access, the company released another patch, saying the first could be bypassed. The exploit is publicly known, and Mac Zoom users are urged to update to version 5.11.6, released August 17. The Zoom auto-update utility for Mac holds onto its privileged status to install Zoom packages and can be tricked into verifying other packages. Malicious actors could exploit this flaw to gain root access to the system. To learn more, see Ars Technica.

How to hack air-gapped systems

An Israeli researcher has discovered a new hack that can exfiltrate data from air-gapped systems using the blinking LED indicators on network cards. Dubbed “ETHERLED,” the hack involves infecting an air-gapped computer with malware that replaces the network card driver with a version that modifies the LED color and blinking frequency. A camera with a direct line of sight to the LED light can then record the blinking and translate it into binary data. Air-gapped systems are typically found in sensitive environments like critical infrastructure or weapon control units, and they consist of computers that are isolated from the internet for security reasons. For more details on this attack, see Bleeping Computer.

This week’s must-read on the Avast blog 

Scams are reaching New Zealanders and Australians via multiple communications channels on a weekly basis. Read more in the report on our recent research.
