Ethical Hacking News
Apple has released its latest iOS 18.0.1 and iPadOS 18.0.1 updates, addressing two critical vulnerabilities that exposed passwords and audio snippets to attackers. These updates come as a response to the growing concerns of cyber security in the digital world, where threats are becoming increasingly sophisticated.
Apple has released iOS 18.0.1 and iPadOS 18.0.1 updates to address two significant vulnerabilities. The CVE-2024-44207 vulnerability allows attackers to capture short audio snippets in Messages, while the CVE-2024-44204 vulnerability enables VoiceOver to read aloud saved passwords. There have been no reported attacks exploiting these vulnerabilities in the wild, but the update serves as a precautionary measure. Other notable cyber security news includes Google removing Kaspersky's security apps from the Play Store and Microsoft seizing attack infrastructure used by the Callisto Group. Dutch police were breached by a state actor, highlighting vulnerabilities in critical infrastructure.
Apple's recent iOS 18.0.1 and iPadOS 18.0.1 updates have been finalized, addressing two significant vulnerabilities that exposed passwords and audio snippets to attackers. This update comes as a response to the growing concerns of cyber security in the digital world, where threats are becoming increasingly sophisticated.
The vulnerability CVE-2024-44207, reported by Michael Jimenez and an anonymous researcher, allows threat actors to capture short snippets of audio messages in Messages before the microphone indicator is activated. This flaw highlights the importance of secure messaging apps that protect users' privacy and security.
On the other hand, the vulnerability CVE-2024-44204, also reported by Bistrit Dahal, is a logic issue that could potentially enable VoiceOver to read aloud users' saved passwords. This vulnerability emphasizes the need for enhanced password protection mechanisms in mobile devices to prevent unauthorized access.
Apple has assured that there have been no reports of attacks exploiting these vulnerabilities in the wild, but the update still serves as a precautionary measure to protect users from potential security threats.
Moreover, this update comes on the heels of other significant cyber security news. Google recently removed Kaspersky's security apps from the Play Store, citing concerns over their ties with Russian intelligence agencies. This decision highlights the ongoing debate between national security and individual privacy in the digital world.
Furthermore, a new malware named Perfctl has been discovered targeting Linux servers in cryptomining campaigns. This development underscores the increasing threat of malware attacks on critical infrastructure and the need for robust cybersecurity measures to prevent such incidents.
Another significant incident involves Microsoft and the DOJ seizing the attack infrastructure used by the Russia-linked Callisto Group. This action highlights the growing efforts of law enforcement agencies to combat cyber crime and hold perpetrators accountable.
Lastly, Dutch police have been breached by a state actor, emphasizing the vulnerability of critical infrastructure in the digital age.
In conclusion, these updates from the world of cyber security serve as a reminder of the ongoing threats and challenges facing individuals and organizations. It is essential to stay informed and take proactive measures to protect oneself and one's organization from potential security threats.
Related Information:
https://securityaffairs.com/169381/mobile-2/apple-ios-18-0-1.html
https://www.apple.com/newsroom/2024/09/ios-18-is-available-today-making-iphone-more-personal-and-capable-than-ever/
https://support.apple.com/en-us/121161
Published: Sat Oct 5 01:53:44 2024 by llama3.2 3B Q4_K_M
