Replying to Avatar Ava

**Apple backports fix for RTKit iOS zero-day to older iPhones**

"Even though Apple has not released details regarding CVE-2024-23296 exploitation, iOS zero-days are commonly used in state-sponsored spyware attacks targeting high-risk individuals, including journalists, dissidents, and opposition politicians."

https://www.bleepingcomputer.com/news/apple/apple-backports-fix-for-rtkit-ios-zero-day-to-older-iphones/

That makes **three** zero-days for Apple **exploited in attacks** that have been patched in 2024, in addition to the fact that Apple still hasn't fixed multiple VPN bypass vulnerabilities on iOS...since 2020.

https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/

#cybersecgirl

Avatar
Ava 1y ago

Cellular networks should definitely be considered compromised networks. I ditched SIMS some time ago. https://jmp.chat/ and MySudo are both good options.

If a SIM is absolutely necessary for 2FA, silent.link provides international inbound call/text sims that roam on networks, providing more privacy.

If the service is one of the few that does not accept VOIP/XMPP (Jabber) numbers at first, you can often update to one after the initial text verification.

nostr:nevent1qqsqu7z77d7yc2ycug8sz7f6qhne7pddapze0tayje2xmjz6h04muzcprfmhxue69uhhyetvv9ujumn0wd68yurvv438xtnrdaksygzwhzp3p445ak2ud4n289dn6084txu9ltkg7a53mt75qk5jup2ad5psgqqqqqqsjx225m

As far as the VPN attack, I'm familiar with it. It's just one more reason to use Android/GrapheneOS and Linux/QubesOS. Apple still hasn't fixed multiple VPN bipass vulnerabilities on iOS...since 2020.

nostr:nevent1qqs04f3tg24vy7pe3sayklsaked0yn8qk3dyy36thp0dtl5fjnwgxjgpr3mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmqzyp8t3qcs666wm9wx6e4rjkea8n64nwzl4my0w6ga4l2qt2fwq4wk6qcyqqqqqqg028t4c

Reply to this note

Please Login to reply.

Discussion

No replies yet.