Tag Archive for: dozen

iOS 16.6 fixes over a dozen security flaws — don’t wait to update your iPhone


 Tom's Guide Awards 2023 winner:


Apple has released iOS 16.6 and while this update only comes with a few new features ahead of iOS 17, you’re not going to want to skip it. This is because it addresses more than a dozen security flaws, including two that have been actively exploited by hackers.

iOS 16.6 contains fixes for a total of 16 security flaws in Find My, WebKit, Apple Neural Engine and more. Although Apple doesn’t discuss security issues with the best iPhones until after users have had a chance to patch them, a support document does shine a bit more light on the types of flaws that have been fixed in iOS 16.6.

Of these flaws, two are considered quite serious as the company is aware of reports that they have been used by hackers in their attacks. The first is a WebKit flaw (tracked as CVE-2203-37540) while the other is a Kernel flaw (tracked as CVE-2023-38606).

If the first flaw sounds familiar, this is because Apple tried to address it in a Rapid Security Response update earlier this month. However, this update led to some websites not displaying properly and Apple had to re-release the emergency security update intended to fix the flaw a few days later.

In addition to fixing 16 different flaws, Apple is also rolling out iMessage Contact Key Verification with iOS 16.6. This new security feature can also help keep you safe online and in the real world as it lets you verify that the person you’re texting with in iMessage really is who they say they are.

Since these two zero-days have already been used by hackers in their attacks, you’re going to want to install iOS 16.6 as soon as possible.

How to keep your iPhone safe from hackers

A padlock resting next to the Apple logo on the lid of a gold-colored Apple laptop.


Keeping your iPhone up to date by installing the latest security patches and updates from Apple is one of the easiest ways to stay safe from hackers. This is because hackers and other cybercriminals like to target individuals running outdated software since the exploits they’ve developed for zero-day flaws can still be used successfully.

As BleepingComputer points out, 11 different zero-day vulnerabilities which affect Apple devices have been…

Source…

Gitpaste-12: A dozen exploits that silently lived on GitHub, attacked Linux servers


Just months after Octopus Scanner was caught infecting 26 open-source projects on GitHub, reports have surfaced of another sophisticated malware infection. Gitpaste-12, a worming botnet, is extremely versatile in its advanced capabilities, and it leverages trustworthy sites like GitHub and Pastebin to host itself.

The name Gitpaste-12 stems from the 12 known vulnerability exploits within the worm, which make it much like a “Swiss Army knife.” Two of these exploits target two popular open source components, Apache Struts and MongoDB.

Remained undetected on GitHub for over 3 months

Because the malicious payload is hosted on sites like GitHub and Pastebin, the command-and-control (C2) infrastructure becomes incredibly hard for enterprises to block using simple IOC blocks: these websites have legitimate use cases.

In fact, Gitpaste-12 has been silently sitting on GitHub since July 2020.


It went unnoticed until Juniper Threat Labs spotted the botnet on October 15th and had GitHub shut it down roughly two weeks later.

“The malware begins by preparing the environment. This means stripping the system of its defenses, including firewall rules, selinux, apparmor, as well as common attack prevention and monitoring software,” said Juniper Threat Labs researchers Alex Burt and Trevor Pott.


The worm provides attackers with reverse shells. The researchers observed some infected systems with TCP ports 30004 and 30005 open, listening for shell commands.

Furthermore, Gitpaste-12 is loaded with a Monero cryptocurrency miner with additional code to hide it from process monitors, a Telnet-based script to breach Linux servers and IoT devices via brute force, a cron job that paves the way for the worm to gain persistence, and so on.

“The Gitpaste-12 malware also contains a script that launches attacks against other machines, in an attempt to replicate and spread. It chooses a random /8 CIDR for attack and will try (Read more…)

Source…

Security researchers find over a dozen iPhone apps linked to Golduck malware – TechCrunch


Security researchers say they’ve found more than a dozen iPhone apps covertly communicating with a server associated with Golduck, a historically …

“malware news” – read more

Google Removes Nearly Two Dozen Malware-Laden Android Apps From Play

  1. Google Removes Nearly Two Dozen Malware-Laden Android Apps From Play  eWeek
  2. 36 fake security apps in the Google Play store downloaded malware, stole data, tracked locations  TechRepublic
  3. Apps Disguised as Security Tools Bombard Users With Ads and Track Users’ Location – TrendLabs Security …  Trend Micro Blogs
  4. That Game on Your Phone May Be Tracking What You’re Watching on TV  New York Times
  5. 4 Android trends worth watching in 2018  Computerworld

android security news – read more