Security News

Apple just patched a MacOS vulnerability that bypassed malware checks. The flaw is akin to a front entrance that's barred and bolted effectively, but with a cat door at the bottom that you can easily toss a bomb through.

F5 Networks this week released patches to address an authentication bypass vulnerability affecting BIG-IP Access Policy Manager, but fixes are not available for all impacted versions. Tracked as CVE-2021-23008, the high-severity vulnerability allows for the bypass of BIG-IP APM AD authentication if the attacker can hijack a Kerberos KDC connection using a spoofed AS-REP. Authentication bypass is also possible from an AD server that the attacker has already compromised, F5 explains.

Apple's latest macOS updates patch three vulnerabilities that can be exploited to bypass security mechanisms, including one that has been exploited in the wild and one that impacts only Macs powered by the M1 chip. It was reported earlier this week that one of the security holes patched in macOS Big Sur and Catalina has been exploited by a piece of malware known as Shlayer to bypass security mechanisms designed by Apple to protect users against malicious files downloaded from the internet, specifically file quarantine, Gatekeeper and notarization.

Read this guide to learn how to perform vulnerability assessments in your organization and stay ahead of the hackers. Vulnerability assessments are automated processes performed by scanners.

Cybersecurity researchers on Wednesday disclosed a new bypass vulnerability in the Kerberos Key Distribution Center security feature impacting F5 Big-IP application delivery services. "The KDC Spoofing vulnerability allows an attacker to bypass the Kerberos authentication to Big-IP Access Policy Manager, bypass security policies and gain unfettered access to sensitive workloads," Silverfort researchers Yaron Kassner and Rotem Zach said in a report.

An update released this week by Google for Chrome 90 patches yet another serious vulnerability affecting the V8 JavaScript engine used by the web browser. Liu told SecurityWeek that the flaw can be exploited for remote code execution in the targeted user's browser, but noted that, similar to other recently disclosed V8 vulnerabilities, it does not escape the Chrome sandbox - a sandbox escape bug is needed to exploit CVE-2021-21227 in real world attacks.

Apple has patched a serious security bypass vulnerability in macOS that has been exploited in the wild by at least one threat group. The Big Sur update fixes nearly 60 security holes, including a logic issue tracked as CVE-2021-30657 that, Apple says, can allow a malicious application to bypass Gatekeeper checks.

A newly identified NTLM relay attack abuses a remote procedure call vulnerability to enable elevation of privilege, researchers from cybersecurity firm SentinelOne reveal. The researchers used a DCOM client that was instructed to connect to a RPC server, operation that involved two NTLM authentications, one without the "Sign flag" being set, and also leveraged the fact that the DCOM activation service can be abused to trigger RPC authentication.

A remote code execution vulnerability identified on the central CocoaPods server could have allowed an attacker to poison any package download, security researcher Max Justicz reveals. A dependency manager for Swift and Objective-C Cocoa projects, CocoaPods has more than 82,000 libraries and is being used in over 3 million applications.

Microsoft has partially fixed a local privilege escalation vulnerability impacting all Windows 7 and Server 2008 R2 devices. Security researcher Clément Labro discovered that insecure permissions on the registry keys of the RpcEptMapper and DnsCache services enable attackers to trick the RPC Endpoint Mapper service to load malicious DLLs on Windows 7 and Windows Server 2008R2.