Security News > 2024 > May

Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS zero-day tagged as exploited in attacks. Apple has yet to disclose who disclosed the zero-day or whether it was discovered internally, and it has provided no information on the nature of the attacks exploiting it in the wild.

Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks. Today, Apple backported the March security updates to address this security flaw on iOS 16.7.8, iPadOS 16.7.8, and macOS Ventura 13.6.7 with improved input validation.

The Federal Communications Commission has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns. The Royal Tiger group, allegedly led by Prince Jashvantlal Anand and his associate Kaushal Bhavsar, is operating multiple entities linked to illegal calls in the United States, including VoIP companies Illum Telecommunication Limited, PZ Telecommunication LLC, and One Eye LLC. They routed robocalls in the United States to Texas-based Great Choice Telecom, previously the target of a $225 million forfeiture order and cease-and-desist letters from the FCC and the FTC for placing illegal spoofed robocalls.

A cybercriminal using the name "Salfetka" claims to be selling the source code of INC Ransom, a ransomware-as-a-service operation launched in August 2023. Simultaneously with the alleged sale, the INC Ransom operation is undergoing changes that might suggest a rift between its core team members or plans to move to a new chapter that will involve using a new encryptor.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign. The LockBit Black encryptor deployed in these attacks is likely built using the LockBit 3.0 builder leaked by a disgruntled developer on Twitter in September 2022.

Most IT and security teams would agree that ensuring endpoint security and network access security applications are running in compliance with security policies on managed PCs should be a basic task. The 2024 Cyber Resilience Risk Index report found that, if not supported by automated remediation technologies, top endpoint protection platforms and network access security applications are failing to maintain compliance with security policies 24% of the time across its sample of managed PCs. When combined with data showing significant delays in patching applications, Absolute Security argued organisations may be ill-equipped to make the landmark shift to AI PCs, which would require significant resourcing and direct attention away from these foundations of cyber security.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

DNS tunneling is the encoding of data or commands that are sent and retrieved via DNS queries, essentially turning DNS, a fundamental network communication component, into a covert communications channel. Hackers commonly use DNS tunneling to bypass network firewalls and filters, employing the technique for command and control and Virtual Private Network operations.

The City of Helsinki is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel."Considering the number of users in the city's services now and in previous years, in the worst case, this data breach affects over 80,000 students and their guardians."