Security News > 2022 > August > Week in review: Apple fixes exploited zero-days, 1,900 Signal users exposed, Amazon Ring app vuln

Week in review: Apple fixes exploited zero-days, 1,900 Signal users exposed, Amazon Ring app vuln
2022-08-21 08:00

Apple fixes exploited zero-days: Update your devices!Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in the wild.

1,900 Signal users exposed following Twilio breachThe attacker behind the recent Twilio data breach may have accessed phone numbers and SMS registration codes for 1,900 users of the popular secure messaging app Signal.

DigitalOcean customers affected by Mailchimp "Security incident"A recent attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the latter company has announced on Monday.

Vulnerability in Amazon Ring app allowed access to private camera recordingsA vulnerability in the Android version of the Ring app, which is used to remotely manage Amazon Ring outdoor and indoor surveillance cameras, could have been exploited by attackers to extract users' personal data and device's data, including geolocation, address, and recordings.

Why smart factories need to prioritize cybersecurityIn this Help Net Security video, Aarthi Krishna, Global Head of Intelligent Industry Security at Capgemini, provides an overview of the cybersecurity issues smart factories have to deal with, and offers steps to help organizations better prepare, prevent and mitigate a variety of attacks.

How merchants can defend themselves against Magecart attacksIn this Help Net Security video, Angel Grant, VP of Security, F5, explains what Magecart attacks are and how they have evolved over the years.


News URL

https://www.helpnetsecurity.com/2022/08/21/week-in-review-apple-fixes-exploited-zero-days-1900-signal-users-exposed-amazon-ring-app-vuln/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-08-24 CVE-2022-32894 Out-of-bounds Write vulnerability in Apple products
An out-of-bounds write issue was addressed with improved bounds checking.
local
low complexity
apple CWE-787
7.8
2022-08-24 CVE-2022-32893 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write issue was addressed with improved bounds checking.
8.8

Related vendor