Tag Archive for: patches

Apple patches zero-day bug used in cyberattacks — update your iPhone, iPad and Mac now


Apple has released a fix for a recently discovered zero-day bug in its latest round of Rapid Security Response (RSR) updates.

As reported by BleepingComputer, this new zero-day affects all iPhones, iPads and Macs including those that are fully up to date.

Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari


Jun 22, 2023 | Ravie Lakshmanan | Vulnerability / Endpoint Security

Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild.

This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation that has been active since 2019. The exact threat actor behind the activity is not known.

  • CVE-2023-32434 – An integer overflow vulnerability in the Kernel that could be exploited by a malicious app to execute arbitrary code with kernel privileges.
  • CVE-2023-32435 – A memory corruption vulnerability in WebKit that could lead to arbitrary code execution when processing specially crafted web content.

The iPhone maker said it’s aware that the two issues “may have been actively exploited against versions of iOS released before iOS 15.7,” crediting Kaspersky researchers Georgy Kucherin, Leonid Bezvershenko, and Boris Larin for reporting them.

The advisory comes as the Russian cybersecurity vendor dissected the spyware implant used in the zero-click attack campaign targeting iOS devices via iMessages carrying an attachment embedded with an exploit for the kernel remote code execution (RCE) vulnerability.

The exploit code is also engineered to download additional components to obtain root privileges on the target device, after which the backdoor is deployed in memory and the initial iMessage is deleted to conceal the infection trail.

The sophisticated implant, called TriangleDB, operates solely in memory, leaving no traces of the activity following a device reboot. It also comes with diverse data collection and tracking capabilities.

This includes “interacting with the device’s file system (including file creation, modification, exfiltration, and removal), managing processes (listing and termination), extracting keychain items to gather victim credentials, and monitoring the victim’s geolocation, among others.”

In an attempt to complete the attack puzzle and gather its different moving parts, Kaspersky has released a utility called “triangle_check” that organizations can use to scan iOS device backups and hunt for any signs of…

Apple patches exploits used in spy campaign ‘Operation Triangulation’


Apple has shipped patches for the remote code execution (RCE) vulnerabilities in iOS that have already been exploited in the wild as part of the digital spy campaign dubbed Operation Triangulation.

The campaign used two zero-click iMessage exploits that compromise devices without any user interaction, based on a pair of bugs in the kernel and WebKit, respectively.

Apple has attributed the discovery of these vulnerabilities to Kaspersky Lab just two weeks after the Russian cybersecurity firm reported discovering an advanced persistent threat (APT) actor launching zero-click iMessage exploits on Russian iOS devices.

Apple patches vulnerable versions, including the latest

Apple characterized the exploited vulnerabilities as problems related to memory corruption within the kernel (CVE-2023-32434), which enables an application to execute arbitrary code with kernel privileges, and an issue identified in WebKit (CVE-2023-32435), which allows code execution through web content.

To address these issues, the company has rolled out patches in the latest updates of its operating systems: iOS 16.5.1, iPadOS 16.5.1, iOS 15.7.7, and iPadOS 15.7.7.

The fixes have been released both for the latest version (iOS 16.5.1) and the original vulnerable version (before iOS 15.7). Apple noted that the attacks have only been seen on devices running iOS versions older than iOS 15.7.

Fortinet Patches Critical FortiGate SSL VPN Vulnerability


Fortinet has patched a critical FortiGate vulnerability that can be exploited by an unauthenticated attacker for remote code execution, according to the researchers who reported the flaw to the vendor. 

The vulnerability is tracked as CVE-2023-27997 and it was discovered by researchers at French offensive IT security firm Lexfo. 

Charles Fol, one of the researchers, said on Twitter that the vulnerability affects every SSL VPN appliance and it can be exploited for remote code execution without authentication. 

Fortinet has yet to publish an advisory for the flaw, but French cybersecurity company Olympe Cyberdefense reported that an advisory is expected to become public on June 13. 

The company said the security hole impacts the SSL VPN functionality of FortiGate firewalls, allowing an attacker to “interfere via the VPN”. 

FortiOS 7.0.12, 7.2.5, 6.4.13 and 6.2.15 reportedly contain the patch. 

Vulnerabilities affecting Fortinet products are often exploited by threat actors — both cyberspies and profit-driven cybercriminals — in many cases before a patch has been released.

CISA’s Known Exploited Vulnerabilities Catalog currently lists 10 Fortinet product vulnerabilities that have been leveraged by malicious actors in their attacks since 2018.
