Main topic: Hackers exploiting a zero-day flaw in Ivanti's mobile endpoint management software to breach government agencies.
Key points:
1. Hackers exploited a zero-day flaw in Ivanti's mobile endpoint management software for at least three months.
2. Multiple Norwegian government agencies were compromised by the hackers.
3. The flaw allows unauthenticated access to users' personal information and the ability to make changes to the vulnerable server.
4. Hackers used compromised routers as proxies to conceal the source of their attacks.
5. A second vulnerability was also exploited, reducing the complexity of executing attacks.
6. Ivanti released patches for both vulnerabilities.
7. CISA and NCSC-NO urged agencies to search their systems for potential compromise and report any issues.
8. Previous MobileIron vulnerabilities have been exploited by government-backed actors, potentially linked to Chinese state-sponsored hackers.
9. Ivanti has not yet responded to inquiries.
10. There are still over 2,200 exposed MobileIron portals, mostly in the United States.
August has seen a flurry of patches released by technology giants like Microsoft, Google Chrome, and Firefox to fix serious vulnerabilities. These patches are crucial as some of the flaws are already being exploited in attacks. While there was no iPhone update from Apple, major fixes were released for enterprise software, including Ivanti, SAP, and Cisco. Microsoft's Patch Tuesday fixed numerous vulnerabilities, including ones being actively targeted. Google Chrome also issued updates, addressing high-impact flaws in V8 and WebRTC. Firefox patched various vulnerabilities, some of which could lead to arbitrary code execution. Lastly, Google patched several critical vulnerabilities in its Android operating system, including RCE issues in System and Media Framework.
Hackers can use a hacking tool called Flipper Zero to spam iPhones with persistent pop-ups, disrupting the user experience and making the device nearly unusable.
Apple has released emergency security updates to fix two new zero-day vulnerabilities that were exploited in attacks targeting iPhone and Mac users, bringing the total number of exploited zero-days patched this year to 13.
Two zero-day vulnerabilities, CVE-2023-41064 and CVE-2023-41061, were exploited by NSO Group's Pegasus spyware to infect fully-patched iPhones running iOS 16.6 via PassKit attachments containing malicious images, prompting Citizen Lab to urge Apple users to update their devices and activate Lockdown Mode.
Apple devices are vulnerable to a zero-click, zero-day vulnerability that allows the delivery of Pegasus spyware, even on the latest iOS version, with the exploit being referred to as BLASTPASS by researchers at Citizen Lab who collaborated with Apple on addressing the issue.
Apple has issued security updates to fix two zero-day exploits that could be used by attackers to steal cryptocurrency, prompting the CEO of Binance to urge users to update their devices immediately.
Apple has released iOS 16.6.1, an emergency update for iPhones, to fix two serious flaws that have been actively exploited by attackers to deliver spyware without user interaction.
Apple has urged iPhone users to update their operating systems due to a new security breach exploited by the Israeli NSO Group's Pegasus spyware, causing concerns in Israel over potential backlash from the US.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch security vulnerabilities used in a zero-click iMessage exploit chain that infected iPhones with NSO Group's Pegasus spyware.
Microsoft's September 2023 Patch Tuesday includes security updates for 59 flaws, featuring two actively exploited zero-day vulnerabilities.
Apple has released iOS 17.0.1 with three important security patches, addressing actively exploited vulnerabilities, including a kernel flaw, a signature validation bypass issue, and a WebKit vulnerability allowing arbitrary code execution.
The incomplete information provided by Apple and Google regarding critical zero-day vulnerabilities in their products has caused a blind spot, leaving numerous offerings from other developers unpatched.
Apple has released emergency security patches for iOS, iPadOS, and watchOS to fix zero-day vulnerabilities that may have been actively exploited, urging users to update their devices immediately.
Apple has released urgent security updates to patch actively exploited vulnerabilities, including flaws in WebKit, certificate validation, and kernel access, which were part of an exploit chain used to plant the Pegasus and Predator spyware.
Google and the University of Toronto's Citizen Lab revealed that an opposition politician in Egypt, Ahmed Eltantawy, was targeted through a "zero-day" attack in an attempt to infect his iPhone with Predator spyware, prompting Apple to issue a security update; Citizen Lab believes that the Egyptian government was responsible for the failed hacking attempt.
Users of Apple's iPhone, iPad, Apple Watch, and Mac are being warned to update their devices immediately due to active and sophisticated spyware attacks targeting high-profile individuals, with the security update addressing three critical vulnerabilities.
Apple has released a new security update for iPhones, iPads, and other devices to protect against three vulnerabilities, following a previous update released earlier this month.
Google has released an emergency patch for a zero-day vulnerability in Chrome that was exploited by a commercial spyware vendor, and the vulnerability has been linked to the zero-click iMessage exploit chain used to deploy the NSO Group's Pegasus spyware on compromised iPhones.
Apple has released an emergency patch to address a serious security flaw that may have already been exploited by attackers, marking the 16th documented zero-day exploit against Apple's iOS, iPadOS, and macOS-powered devices.
Apple has released security updates for older iPhones and iPads to address two zero-day vulnerabilities that were exploited in attacks, including privilege escalation and arbitrary code execution flaws.
A critical zero-day vulnerability in Cisco's IOS XE software, which allows attackers to gain control of affected systems, has been exploited in the wild, prompting Cisco to recommend disabling the affected feature on internet-facing systems.
More than 10,000 Cisco IOS XE devices have been compromised and infected with malicious implants by exploiting a critical zero-day vulnerability, allowing attackers to potentially monitor network traffic and carry out man-in-the-middle attacks.
Cisco has disclosed two zero-day vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that are being actively exploited by hackers to compromise and gain control over IOS XE devices, with over 40,000 devices already compromised, but the company has found a fix and plans to release it on October 22.