Tag Archive for: patches

Apple Patches 3 New Zero-Day Exploits for iOS, MacOS


Apple today released a fix for a trio of iOS vulnerabilities that hackers may already be exploiting.

Apple issued emergency patches for iOS 16 and the newly launched iOS 17, as well as iPadOS, Safari, watchOS and macOS Ventura and Monterey. 

Although details are thin, the vulnerabilities were discovered by two security researchers, according to Apple. The first, Bill Marczak, works for Citizen Lab, a watchdog group that investigates spyware attacks from commercial surveillance companies. The other, Maddie Stone, is a researcher at Google’s Threat Analysis Group, which is dedicated to protecting users from state-sponsored hackers and commercial spyware dealers. 

Google and Citizen Lab didn’t immediately respond to requests for comment. But it’s likely the two security researchers uncovered the vulnerabilities while investigating an attack on user devices. The fixes also come two weeks after Citizen Lab discovered a new iOS attack allegedly from notorious spyware dealer NSO Group that infected a device belonging to an employee at a “Washington DC-based civil society organization.”  

The first vulnerability, CVE-2023-41993, involves WebKit, the browser engine for Safari. The researchers discovered the engine can be manipulated to execute rogue computer code if it processes certain web content. Hence, the vulnerability could be paired with a malicious message or website to potentially trigger an iPhone to download malware.

The second vulnerability, CVE-2023-41992, can affect iOS’s kernel, the core part of the operating system. Exploiting this bug can help an attacker elevate their privileges over the OS, enabling them to install programs or gain access to sensitive data. 

Meanwhile, the third vulnerability, CVE-2023-41991, can allow a malicious app to potentially “bypass signature validation,” enabling an attacker to circumvent the security check Apple uses to verify an iOS app is safe and legitimate. 

All three vulnerabilities also affect macOS Ventura, with Apple warning, “additional CVE entries coming soon,” a sign that other exploits have been found. 

To update an iPhone, go to Settings > General > Software Update. The device can also patch itself automatically…


After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery


After Apple and Google, Mozilla has also released patches for an image processing-related zero-day vulnerability that has been exploited to deliver spyware. 

The existence of a new zero-day came to light on September 7, when Apple announced iOS and macOS updates to patch an exploited vulnerability tracked as CVE-2023-41064. The tech giant described the zero-day as a buffer overflow in the ImageIO component that can be exploited for arbitrary code execution using specially crafted images.

On the same day, the Citizen Lab group at the University of Toronto’s Munk School reported that the vulnerability is part of a new zero-click exploit dubbed BlastPass that has been used to target iPhones running the latest version of iOS.

Citizen Lab said the exploit, which had been used to deliver the NSO Group’s notorious Pegasus spyware via malicious images sent through iMessage, targeted an employee at a “Washington DC-based civil society organization with international offices”.

On September 11, Google also announced Chrome updates to patch a critical zero-day vulnerability whose existence was reported by Apple and Citizen Lab. Google, which tracks the flaw as CVE-2023-4863, said the issue impacts the WebP component used by its web browser.

WebP, an image format developed by Google, is offered as an alternative to JPEG, PNG and GIF. The significantly smaller size of WebP images results in web pages loading much faster.

The WebP format is also supported by Mozilla’s Firefox web browser, as well as its Thunderbird email client, and the organization on Tuesday announced releasing updates that should patch the zero-day. In the case of Firefox and Thunderbird, the vulnerability is in the libwebp component. Just like Google, Mozilla tracks the zero-day as CVE-2023-4863.


Apple initially released patches for the zero-day on September 7, but only for the latest versions of iOS and macOS. On September 11, the company rolled out fixes for older versions of its operating systems, including for Macs (Monterey and Big Sur), and iPhones and iPads.

The zero-day appears to have only been exploited in targeted attacks for now, but given the widespread…


WinRAR patches zero-day bug that targeted stock and crypto traders


The developers behind file compression software WinRAR have patched a zero-day vulnerability that allowed hackers to install malware onto unsuspecting victims’ computers, enabling them to hack into their crypto and stock trading accounts.

On Aug. 23, Singapore-based cybersecurity firm Group-IB reported a zero-day vulnerability in the processing of the ZIP file format by WinRAR.

The zero-day vulnerability tracked as CVE-2023-38831 was exploited for approximately four months, allowing hackers to install malware when a victim clicked on files in an archive. The malware would then allow hackers to breach online crypto and stock trading accounts, according to the report.

Using the exploit, the threat actors were able to create malicious RAR and ZIP archives that displayed seemingly innocent files such as JPG images or PDF text documents. These weaponized ZIP archives were then distributed on trading forums targeting crypto traders, offering strategies such as “best Personal Strategy to trade with Bitcoin.”

“Once extracted and executed, the malware allows threat actors to withdraw money from broker accounts. This vulnerability has been exploited since April 2023.”

The report confirmed that the malicious archives found their way onto at least eight public trading forums, infecting at least 130 devices; however, the victims’ financial losses were unknown.

WinRAR exploit infection chain. Source: Group-IB

On execution, the script launches a self-extracting (SFX) archive that infects the target computer with various malware strains, such as the DarkMe, GuLoader and Remcos RAT.

These provide the attacker with remote access privileges on the infected computer. DarkMe malware has previously been used in crypto and financially motivated attacks.

The researchers notified RARLABS, which patched the zero-day vulnerability in WinRAR version 6.23, released on Aug. 2.


In August, smartphone giant BlackBerry identified several malware families that actively aimed to hijack computers to mine or steal cryptocurrencies.

The same month also revealed a newly discovered remote access tool called HVNC (Hidden Virtual Network Computer) that…


Android 14/13, August 2023 Security Patches


Similar to iOS 17, the next version upgrade is underway for the world’s most popular mobile operating system – Android 14. This latest software promises better privacy, security and performance. Recently, Google rolled out the Android 14 Beta 5.2 update for its eligible Pixel devices (meaning Pixel 4a 5G or later), suggesting a stable release next month. Meanwhile, some manufacturers are testing Android 14-based UI software on their eligible devices and have released the August 2023 security patch.

So far, all the companies have released the major Android 13 upgrade for several devices, especially the flagship and mid-range series. At the same time, some remaining budget device users are still getting it. Here in this blog, we are sharing an overview of the list of smartphones that have received the update this week.

Android 14 Features:

Like other Android OS versions, Android 14 is an incremental upgrade. Its features include a photo picker, notification flash, camera, gallery and battery life improvements, new lock screen optimisations, improved Magic Compose, separate ring and notification volumes, App Pair, a new charging pill, Auto-confirm Unlock and an improved Control Center.

August 2023 Android Security Update:

Similar to Android OS updates, monthly security patches are very important for all devices, as they will make your smartphone better than ever and provide better performance. They also come with minor performance, system security and stability optimizations, and fixes for several issues and vulnerabilities. This article looks at the list of devices that will get the update this week.

Weekly overview of Android 14 OS and August 2023 update:

OxygenOS 14 Beta:

ColorOS 14 Beta:

Realme August 2023 Update:

OnePlus August 2023 Update:

Samsung August 2023 Update:

  • Galaxy Note 10
  • Galaxy S22
  • Galaxy S20 FE
  • Galaxy A54
  • Galaxy S20
  • Galaxy Tab S6
  • Galaxy A54 4G
  • Galaxy A14
  • Galaxy M14
