The iPhone has a hidden feature that allows you to quickly redial the last phone number that you called. Rather than thumbing through your contact list to find your friend’s number again, you can immediately bring it up by using the manual dialer.

All you need to do is open the Phone app on your iPhone, open the manual dialer, and tap the green call button without entering anything. The first time you tap the call button, the last number that you called or dialed will be automatically pasted into the number entry. If you press the call button again, you’ll call that number. 

All in all, it’s three quick taps (open the dialer, tap the call button, tap it again) versus several minutes of contact list scrolling and number-selecting. It’s much quicker, to say the least, especially if your contacts list is especially long. Just remember to take a moment to check the number before you redial, in case you’ve been making a lot of different calls.

While we’re on the subject of re-dialing, if you use Siri on your phone, you can also quickly redial a number with a voice command. Just activate Siri and say “redial that last number” to immediately call the last number that you dialed. Or, if you want to quickly hop back onto a number that called you, you can say “return my last call.”

Apple has patched a potent chain of iOS zero-days that were used to infect the iPhone of an Egyptian presidential candidate with sophisticated spyware developed by a commercial exploit seller, Google and researchers from Citizen Lab said Friday.

The previously unknown vulnerabilities, which Apple patched on Thursday, were exploited in clickless attacks, meaning they didn’t require a target to take any steps other than to visit a website that used the HTTP protocol rather than the safer HTTPS alternative. A packet inspection device sitting on a cellular network in Egypt kept an eye out for connections from the phone of the targeted candidate and, when spotted, redirected it to a site that delivered the exploit chain, according to Citizen Lab, a research group at the University of Toronto’s Munk School.

A cast of villains, 3 0-days, and a compromised cell network

Citizen Lab said the attack was made possible by participation from the Egyptian government, spyware known as Predator sold by a company known as Cytrox, and hardware sold by Egypt-based Sandvine. The campaign targeted Ahmed Eltantawy, a former member of the Egyptian Parliament who announced he was running for president in March. Citizen Lab said the recent attacks were at least the third time Eltantawy’s iPhone has been attacked. One of them, in 2021, was successful and also installed Predator.

“The use of mercenary spyware to target a senior member of a country’s democratic opposition after they had announced their intention to run for president is a clear interference in free and fair elections and violates the rights to freedom of expression, assembly, and privacy,” Citizen Lab researchers Bill Marczak, John Scott-Railton, Daniel Roethlisberger, Bahr Abdul Razzak, Siena Anstis, and Ron Deibert wrote in a 4,200-word report. “It also directly contradicts how mercenary spyware firms publicly justify their sales.”

The vulnerabilities, which are patched in iOS versions 16.7 and iOS 17.0.1, are tracked as:

• CVE-2023-41993: Initial remote code execution in Safari
• CVE-2023-41991: PAC bypass
• CVE-2023-41992: Local privilege escalation in the XNU Kernel

According to research published Friday by members of Google’s Threat Analysis Group, the attackers who exploited the iOS vulnerabilities also had a separate exploit for installing the same Predator spyware on Android devices. Google patched the flaws on September 5 after receiving a report by a research group calling itself DarkNavy.

“TAG observed these exploits delivered in two different ways: the MITM injection and via one-time links sent directly to the target,” Maddie Stone, a researcher with the Google Threat Analysis Group wrote. “We were only able to obtain the initial renderer remote code execution vulnerability for Chrome, which was exploiting CVE-2023-4762.”

The attack was complex. Besides leveraging three separate iOS vulnerabilities, it also relied on hardware made by a manufacturer known as Sandvine. Sold under the brand umbrella PacketLogic, the hardware sat on the cellular network the targeted iPhone accessed and monitored traffic passing over it for his phone. Despite the precision, Citizen Lab said that the attack is blocked when users turn on a feature known as Lockdown, which Apple added to iOS last year. More about that later.

There’s little information about the iOS exploit chain other than it automatically triggered when a target visited a site hosting the malicious code. Once there, the exploits installed Predator with no further user action required.

To surreptitiously direct the iPhone to the attack site, it only needed to visit any HTTP site. Over the past five years or so, HTTPS has become the dominant means of connecting to websites because the encryption it uses prevents adversary-in-the-middle attackers from monitoring or manipulating data sent between the site and the visitor. HTTP sites still exist, and sometimes HTTPS connections can be downgraded to unencrypted HTTP ones.

Once Eltantawy visited an HTTP site, the PacketLogic device injected data into the traffic that surreptitiously connected the Apple device to a site that triggered the exploit chain.

Predator, the payload installed in the attack, is sold to a wide array of governments, including those of Armenia, Egypt, Greece, Indonesia, Madagascar, Oman, Saudi Arabia, and Serbia. Citizen Lab has said that Predator was used to target Ayman Nour, a member of the Egyptian political opposition living in exile in Turkey, and an Egyptian exiled journalist who hosts a popular news program and wishes to remain anonymous. Last year researchers from Cisco’s Talo security team exposed the inner workings of the malware after obtaining a binary of it.

A Pfizer vaccine designed to protect newborns and infants from severe RSV illness won a recommendation from the Centers for Disease Control and Prevention Friday—but only for seasonal use.

The vaccine is Pfizer’s bivalent RSVpreF vaccine, called Abrysvo, and is administered to pregnant people late in gestation, between 32 and 36 weeks.

RSV, or respiratory syncytial (sin-SISH-uhl) virus, is the leading cause of hospitalization for infants in the US. Each year, 1.5 million children seek out-patient care for RSV, with 58,000 to 80,000 ending up in the hospital and 100 to 300 tragically dying from the infection.

The CDC’s Advisory Committee on Immunization Practices voted 11 to 1 on Friday in favor of the limited recommendation for the vaccine, which in a clinical trial appeared 91 percent effective at preventing severe RSV in the first three months of a baby’s life and 76.5 percent effective against severe disease in the first six months. It demonstrated 57 percent efficacy in preventing hospitalization in the first six months.

The vaccine did appear to increase the pre-term birth rate compared with placebo, but the increase was not statistically significant.

Ultimately, the committee only recommended the vaccine to be used seasonally—between September and January to protect babies born between October and March, when RSV transmission typically peaks. (There is an exception for pregnant people who live in an area of the US where RSV circulates year-round, such as Hawaii and Gaum.)

For pregnant people whose babies are due between February and August, the vaccine is not recommended. Instead, those babies will have the option of a monoclonal antibody immunization by Sanofi, called nirsevimab (Beyfortus), available to protect against RSV in the run-up to the seasonal transmission. The antibody has been shown to be about 80 percent effective at preventing severe RSV over five months.

The one dissenting vote on the CDC’s committee was Helen Keipp Talbot, a medical professor at Vanderbilt University, who questioned the complexity of the recommendation and the need for another option, given the availability of the antibody. But other members highlighted the benefits of having two options available.

Shortly after the advisory committee’s vote, CDC Director Mandy Cohen endorsed the recommendation.

“This is another new tool we can use this fall and winter to help protect lives,” Cohen said in a statement. “I encourage parents to talk to their doctors about how to protect their little ones against serious RSV illness, using either a vaccine given during pregnancy, or an RSV immunization given to your baby after birth.”

Both options come at steep prices. Pfizer plans to charge $295 for its shot, and Sanofi sells the monoclonal immunization for $495.