Security News

Apple has recently addressed a vulnerability that lets attackers with root privileges bypass System Integrity Protection to install "Undeletable" malware and access the victim's private data by circumventing Transparency, Consent, and Control security checks. Apple has patched the vulnerability in security updates for macOS Ventura 13.4, macOS Monterey 12.6.6, and macOS Big Sur 11.7.7, released two weeks ago, on May 18.

API calls make up the majority of our digital lives. Take, for example, the everyday use of a cloud-based food delivery app, which could involve up to 25 API calls.

A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system. Netfilter is a packet filtering and network address translation framework built into the Linux kernel that is managed through front-end utilities, such as IPtables and UFW. According to a new advisory published yesterday, corrupting the system's internal state leads to a use-after-free vulnerability that can be exploited to perform arbitrary reads and writes in the kernel memory.

VMware addressed a critical vRealize Log Insight security vulnerability that allows remote attackers to gain remote execution on vulnerable appliances. The bug is described as a deserialization vulnerability that can be abused to run arbitrary code as root on compromised systems.

This week meet a reader we'll Regomize as "Wesley", who 25 years ago was about to embark on a thesis in mechanical engineering, continuing the work done by a more senior student who was working towards his doctorate. The senior student readily agreed, but the days passed, and Wesley still didn't have the data he needed.

After a lengthy discussion between staff at Mozilla and Apple, security researchers and the CA itself, Mozilla program manager Kathleen Wilson said the org's concerns were "Substantiated" enough to set a distrust date of November 30 for TrustCor's root certificates. Microsoft didn't participate in the conversation; instead, TrustCor executive Rachel McPherson claimed that Microsoft had set a distrust date of November 1 for her company's certs.

Sonatype unveiled its eighth annual State of the Software Supply Chain Report which, in addition to a massive surge in open source supply, demand, and malicious attacks, found that 96% of open source Java downloads with known-vulnerabilities could have been avoided because a better version was available, but was ignored. According to the report, this means 1.2 billion known-vulnerable dependencies that could be avoided are being downloaded every month, pointing to non-optimal consumption behaviors as the root of open source risk.

"In most cases, the vulnerabilities exist because the software fully trusted data coming from the PLC without performing extensive security checks," Team82 said. Security researchers at Accenture have highlighted the following point: the type of data being sold online after ransomware attacks is exactly the sort of stuff that's ideal for launching business email compromise attacks.

Cisco has addressed severe vulnerabilities in the Cisco Nexus Dashboard data center management solution that can let remote attackers execute commands and perform actions with root or Administrator privileges. "A successful exploit could allow the attacker to perform actions with Administrator privileges on an affected device," Cisco explains.

New research into the inner workings of the stealthy BPFdoor malware for Linux and Solaris reveals that the threat actor behind it leveraged an old vulnerability to achieve persistence on targeted systems. Cybersecurity company CrowdStrike has observed a threat actor that focused mainly on targeting Linux and Solaris systems using the custom-built BPFDoor implant on telecommunications providers to steal personal user information.