Vulnerabilities

Apple releases IOS and iPadOS patches for an actively exploited zero-day vulnerability.

Malicious News

Oct 26, 2022 — 1 min read

On Monday Apple released a patch for a zero-day flaw that’s been actively exploited.

Tracking as CVE-2022-42827 described An out-of-bounds write issue was addressed with improved bounds checking. In the out-of-bounds write vulnerability, the software writes data past the end, or before the beginning, of the intended buffer, which can result in the corruption of data, a crash, or code execution.

Apple didn’t go into further details about the flaw other than acknowledging its “aware of a report that the issue may have been actively exploited“.

Apple also fixed a few other issues with this patch.

CVE-2022-42808 – A remote user may be able to cause kernel code execution
CVE-2022-42829 – An app with root privileges may be able to execute arbitrary code with kernel privileges
CVE-2022-42830 – An app with root privileges may be able to execute arbitrary code with kernel privileges
CVE-2022-42799 – Visiting a malicious website may lead to user interface spoofing
CVE-2022-42823 – Processing maliciously crafted web content may lead to arbitrary code execution

CISA Emergency Directive to Federal Agencies Regarding Ivanti Zero-Day Exploits

In a recent development, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on Friday, urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws found in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. The vulnerabilities, namely

Admin Takeover Flaw In Synology DiskStation Manager

A vulnerability has been identified in Synology's DiskStation Manager (DSM), capable of being exploited to uncover an administrator's password and seize control of the account remotely. According to Sharon Brizinov from Claroty's Team82 in a report on Tuesday, "Under some rare conditions, an attacker could leak enough information to restore

How to Boost Your Security with a Password Manager

Introduction Are you tired of keeping track of all your passwords? Do you have trouble remembering which combination goes with what account? Enter the password manager. A password manager is a software program that securely stores and manages all your login information for various websites and applications. With just one

7 Places where malware can hide

Malware can hide in various places on a computer or network. Here are some common locations where malware may hide: 1. System files: Malware can disguise itself as legitimate system files or inject malicious code into existing files. 2. Temporary folders: Malware often uses temporary folders to hide and execute

Read more

CISA Emergency Directive to Federal Agencies Regarding Ivanti Zero-Day Exploits

Admin Takeover Flaw In Synology DiskStation Manager

How to Boost Your Security with a Password Manager

7 Places where malware can hide