Rapid Security Responses for iOS, iPadOS, and macOS _May 2, 2023

Updated 05/02/2023

Cybersecurity | News

Rapid Security Responses for iOS, iPadOS, and macOS _May 2, 2023

For the first time, Apple has issued a Rapid Security Response update for the latest versions of iOS, iPadOS, and macOS beginning with iOS 16.4.1, iPadOS 16.4.1. and macOS 13.3.1.

If you’re able, please update your Apple devices today. Also, inform your friends and loved ones that they too should update their devices.

Here’s how you can update your devices according to Apple:

By default, your device allows rapid security responses to be applied automatically and, if necessary, will prompt you to restart your device. To check your device settings:

  • iPhone or iPad: go to settings > general > software update > automatic updates, then make sure that "security responses & system files" is turned on.
  • Mac: choose apple menu  > system settings. Click general in the sidebar, then click software update on the right. Click the show details button next to automatic updates, then make sure that "install security responses and system files" is turned on.

When a rapid security response has been applied, a letter appears after the software version number, as in this example: MacOS 13.3.1 (a). (citation).

Why has Apple issued the response?

We can only speculate, but a new malware, called the Atomic macOS Stealer (AMOS), targeting macOS was discovered by Cyble Research and Intelligence Labs (CRIL) in April 2023.

According to the Cyble blog:

…the atomic macos stealer can steal various types of information from the victim’s machine, including keychain passwords, complete system information, files from the desktop and documents folder, and even the macos password.

The stealer is designed to target multiple browsers and can extract auto-fills, passwords, cookies, wallets, and credit card information. Specifically, amos can target cryptowallets such as electrum, binance, exodus, atomic, and coinomi. (citation).

The threat actors behind this stealer is selling AMOS as “malware-as-a-service” on the dark web. Other services sold by them go for about $1000.00 per month.

If you have any questions, please let us know.

Also, please provide security awareness training to your employees. Learn how...