InfoSecBulletin Cybersecurity for mankind
Apple released Rapid Security Response updates for its Safari web browser, iOS, iPadOS, and macOS to address a zero-day vulnerability that was being actively exploited.
By exploiting the WebKit vulnerability known as CVE-2023-37450, malicious actors may execute arbitrary code while handling specially designed web content. The iPhone maker said it addressed the issue with improved checks.
Critical PHP Zero-Day Vulnerability found in Craft CMS To Gain RCE
For US$2.6bn, Mastercard acquires threat intelligence firm Recorded Future
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
An anonymous researcher found and reported the flaw. The information about the attacks’ nature, scale and the identity of the perpetrator is limited, as it often happens in such cases.
ALSO READ:
But Apple noted in a terse advisory that it’s “aware of a report that this issue may have been actively exploited.”
The updates, iOS 16.5.1 (a), iPadOS 16.5.1 (a), macOS Ventura 13.4.1 (a), and Safari 16.5.2, are available for devices running the following operating system versions:
iOS 16.5.1 and iPadOS 16.5.1
macOS Ventura 13.4.1
macOS Big Sur and macOS Monterey
Apple has addressed 10 zero-day vulnerabilities in its software since the start of 2023. It also arrives weeks after the company rolled out patches to fix three zero-days, two of which have been weaponized by unidentified actors in connection with an espionage campaign called Operation Triangulation.
Update:
Apple has pulled the software update after reports emerged that installing the patches caused certain websites like Facebook, Instagram, and Zoom to throw an “Unsupported Browser” error on Safari.
