Threat Intel · HIGH

Coruna iOS Exploit - Update to Operation Triangulation

SecurityWeek
Tags: Coruna, Operation Triangulation, UNC6353, iOS vulnerabilities, CVE-2023-32434

Basically, a new hacking tool targets iPhones using old vulnerabilities.

Quick Summary

A new iOS exploit kit, Coruna, is targeting vulnerabilities previously used in Operation Triangulation. Millions of devices are at risk, especially those without recent updates. Stay vigilant and ensure your iOS is patched to avoid exploitation.

The Threat

The recently discovered Coruna iOS exploit kit has emerged as a significant threat. It is an updated version of a kernel exploit that was used in Operation Triangulation three years ago. According to Kaspersky, Coruna targets 23 vulnerabilities in iOS, including CVE-2023-32434 and CVE-2023-38606, critical flaws that were first exploited as zero-days in high-profile attacks. That lineage indicates Coruna is not a minor update but a sophisticated tool for cyber-espionage.

Who's Behind It

The UNC6353 group, a Russian state-sponsored espionage entity, is reportedly using Coruna in its operations against Ukraine. This group has a history of employing advanced cyber techniques, and the use of Coruna signifies an escalation in their tactics. The exploit kit's design indicates that it was not hastily assembled; rather, it reflects a unified approach to exploitation, suggesting a high level of sophistication and intent.

Tactics & Techniques

Coruna's updated exploits add more accurate version checking and compatibility with newer iOS versions and Apple processors. The kit's modular design allows other threat actors to reuse it easily, increasing the potential for widespread exploitation. Kaspersky warns that millions of users with unpatched devices are now at risk, as the exploit kit's reach extends to various iOS versions. The same framework could also be adapted by lower-tier cybercriminals, which would widen the threat further.

Defensive Measures

To protect against the risks posed by Coruna, users should ensure their iOS devices are updated with the latest security patches. Regularly checking for updates can mitigate the risk of exploitation. Additionally, users should be aware of the signs of potential compromise, such as unusual device behavior or unexpected messages. As cyber threats evolve, staying informed and proactive is essential for safeguarding personal and organizational data.

🔒 Pro insight: The modular design of Coruna suggests a looming threat as more actors may adopt its framework for diverse attacks.

Original article from SecurityWeek · Ionut Arghire
