Comment by manuelabeledo

2 years ago

For starters, it took them four years to detect an intrusion that takes advantage of a messaging service (iMessage) that wasn't the corporate choice for internal communications, and allowed the exfiltration of gigabytes of data from the C-suite and high-level managers.

This is Kaspersky. They had to be aware of the long history of iMessage security bugs. They could have disabled it. They chose to ignore it instead.

This is an exploit from an adversary that reversed undocumented MMIO registers to completely bypass kernel write protections. Do you honestly believe that disabling iMessage would keep them out? They’d just field the exploit using Exchange or HomeKit or any of the dozen other ways there are to get content onto the devices.

  • > Do you honestly believe that disabling iMessage would keep them out?

    Maybe, maybe not. But it is still a testament to their poor security posture that iMessage was enabled in corporate devices, when it is not part of their software catalog.

    Kaspersky has tried to publicly switch blame to Apple twice in a row now. Maybe it is time for them to take some.