Summary: Researchers from Korea University have introduced “SysBumps,” a groundbreaking attack that successfully breaks Kernel Address Space Layout Randomization (KASLR) on macOS systems using Apple Silicon. This vulnerability exposes critical kernel memory addresses, posing significant risks to macOS users despite Apple’s enhanced security measures.

Threat Actor: Unprivileged attackers | Victim: macOS users

Key Point:

SysBumps exploits speculative execution vulnerabilities in macOS system calls.…

This article outlines critical vulnerabilities affecting various software products, including Citrix, Cisco, Fortinet, and Microsoft. Threat actors are exploiting these vulnerabilities, such as CVE-2023-3519 and CVE-2023-34362, to gain unauthorized access and execute malicious activities. Regular updates and security patches are essential to mitigate these risks. #CyberSecurity #VulnerabilityManagement #ThreatIntelligence

Keypoints:

Multiple critical vulnerabilities identified across various software products.…

Summary: Over three million POP3 and IMAP mail servers are exposed on the Internet without TLS encryption, making them vulnerable to network sniffing attacks. Shadowserver has suspended its TLS reports due to potential false positives while notifying mail server operators of these risks.

Threat Actor: Shadowserver | Victim: Mail Server Operators

Key Point:

3.3 million hosts are running POP3/IMAP services without TLS, exposing usernames and passwords in plain text.…

Summary: Apple has reached a $95 million settlement in a class action lawsuit concerning allegations that Siri unintentionally recorded conversations. The lawsuit claims that this feature led to unauthorized recordings and targeted advertising based on private discussions.

Threat Actor: Apple Inc. | Victim: Mobile device owners

Key Point:

Settlement covers the period from Sept.…

Summary: Apple has agreed to a $95 million settlement over allegations that its Siri assistant recorded private conversations and shared them without user consent. The lawsuit claims this led to targeted advertising based on sensitive discussions inadvertently captured by Siri.

Threat Actor: Apple Inc. | Victim: Users of Siri-enabled devices

Key Point:

Settlement covers all U.S.…

### #SiriPrivacySettlement #AppleLawsuit #VoiceAssistantConcerns

Summary: Apple has agreed to a $95 million settlement in a class action lawsuit over privacy violations related to its Siri voice assistant. The lawsuit accused Apple of improperly collecting and sharing users’ private voice communications without consent.

Threat Actor: Apple Inc.…


In an increasingly connected digital era, macOS has become an enticing target for cybercriminals. From exploiting vulnerabilities that allow malicious applications to access sensitive data without user consent to sophisticated malware attacks targeting cryptocurrency assets, these threats underscore the importance of security awareness.

This article will explore recent incidents, including TCC-based vulnerabilities, attacks by APT groups, and malware specifically targeting macOS users, as well as essential protective measures that users should take to safeguard their personal data and devices from these emerging threats.…


The post-holiday season sees a surge in online shopping scams and phishing attacks, as cybercriminals exploit eager consumers seeking deals. These scams include CEO fraud, fake domains, malicious advertising, and fraudulent payment portals. Awareness and vigilance are essential for shoppers to protect themselves from financial loss and identity theft.…

This article discusses the use of a malicious LNK file named “christmas_slab.pdf.lnk” that exploits the SSH protocol to deliver malware during the holiday season. The file executes a command to transfer and run a malicious executable from a remote server. #CyberSecurity #Malware #SSH

Keypoints:

The holiday season is commonly exploited by attackers to deliver malicious content.…

The Monthly Intelligence Insights report from Securonix Threat Labs highlights significant cyber threats and vulnerabilities identified in November 2024, including Lunar Peek vulnerabilities, zero-day exploits in Windows, and emerging phishing campaigns. The report emphasizes the need for immediate action to patch vulnerabilities and deploy defensive measures against sophisticated ransomware and malware threats.…

### #TCCBypass #AppleSecurityFlaw #DataPrivacyThreats

Summary: A newly identified vulnerability in Apple’s Transparency, Consent, and Control (TCC) framework, designated as CVE-2024-44131, allows malicious applications to bypass user consent and access sensitive data on both macOS and iOS systems. This flaw has been patched in the latest versions of the operating systems, but it raises significant concerns about user privacy and data security.…


### #MoqHaoMalware #RoamingMantis #MobilePhishing

Summary: MoqHao, a mobile malware family associated with the Roaming Mantis group, utilizes SMS phishing (smishing) to deliver malicious payloads targeting both Android and iOS users. This analysis reveals the sophisticated tactics employed in their campaigns, including localized phishing pages and the use of trusted services for malware distribution.…


### #SpywareDiscovery #FSBIntrusion #DigitalPrivacyThreats

Summary: A Russian programmer discovered that spyware was secretly installed on his phone after being detained by the FSB, raising concerns about government surveillance and digital privacy. The malware, resembling a legitimate app, grants extensive permissions to monitor user activities.

Threat Actor: FSB | Victim: Kirill Parubets

Key Point:

The spyware impersonates a popular Android app, ‘Cube Call Recorder,’ allowing extensive access to the device.…

### #SpywareDetection #MobileSecurity #PegasusThreat

Summary: A recent hunt on 2,500 mobile devices revealed a concerning prevalence of NSO Group’s Pegasus malware, with several users unknowingly compromised. The findings highlight the need for enhanced mobile security measures, especially among high-risk individuals such as journalists and activists.

Threat Actor: NSO Group | Victim: Various individuals (journalists, human rights activists, corporate executives)

Key Point:

Six to seven infections of Pegasus malware were detected among 2,500 mobile devices during the hunt.…

### #DomainExploitation #PhishingTrends #gTLDScams

Summary: Phishing attacks surged by nearly 40% in the year ending August 2024, largely driven by the rise of new generic top-level domains (gTLDs) that offer low registration costs and minimal verification. This trend poses significant challenges for cybersecurity as the domain industry continues to expand with more gTLDs on the horizon.…


### #MallocStackLoggingExploit #LocalPrivilegeEscalation #AppleVulnerability

Summary: A critical vulnerability in Apple’s MallocStackLogging framework allows attackers to achieve local privilege escalation on macOS systems, posing a significant security risk. Despite Apple’s mitigations, the flaw can be exploited through clever manipulation of log file writes.

Threat Actor: Unknown | Victim: Apple

Key Point:

The vulnerability, designated CVE-2023-32428, has a CVSS score of 7.8, indicating high severity.…

### #IdentityManagement #AutomationInnovation #EnterpriseGrowth

Summary: Haveli has acquired a majority stake in AppViewX to enhance its certificate lifecycle management capabilities, driven by increasing demand for automation and non-human identity management. This partnership aims to scale operations globally and capture emerging market opportunities amid evolving compliance standards.…
