InfoSecBulletin Cybersecurity for mankind
Apple released security updates on Wednesday to fix a new vulnerability in iOS and iPadOS. This vulnerability is being actively exploited by attackers.
According to Aplle support page, the company traced two CVE as CVE-2023-42824 and CVE-2023-5217 for iOS 17.0.3 and iPadOS 17.0.3.
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
According to Apple,
Kernel
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.
Description: The issue was addressed with improved checks.
CVE-2023-42824
WebRTC
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
Impact: A buffer overflow may result in arbitrary code execution
Description: The issue was addressed by updating to libvpx 1.13.1.
WebKit Bugzilla: 262365
CVE-2023-5217
For detail visit the page.
ALSO READ:
