Cybersecurity Updates For Week 4 of 2022

Apple Fixes Zero-Day Vulnerabilities

In the latest versions of iOS / iPadOS (15.3) and macOS (11.6.3, 12.2), released on January 26, 2022, Apple patched several vulnerabilities in the OS that are presumed to have been exploited in the wild to hack iPhone and Mac devices.

Apple has been working hard to keep its OS secure by fixing these vulnerabilities as soon as they are discovered and making sure that its products cannot be exploited by hackers. Please make sure to update all of your devices.

Read more:
macOS: https://support.apple.com/en-us/HT213056
iOS / iPadOS: https://support.apple.com/en-us/HT213056

New local privilege escalation found in Polkit: PwnKit – CVE-2021-4034

Qualys has discovered a vulnerability in Polkit (once known as PolicyKit), which is an application that handles privilege requests. The vulnerability has been named PwnKit (CVE-2021-4034).

Even though this is a local privilege escalation, meaning that someone would need to have access to your machine in order to exploit it, we still recommend that you update as soon as possible. Leaving this vulnerability unpatched means that any other security breach will give the attackers root access by default, by abusing the PwnKit vulnerability.

Read more:
https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034

New Linux Kernel exploit – CVE-2022-0185

The vulnerability affects all Linux kernels and containers.

The Linux kernel is the heart of the operating system. It is responsible for managing resources and controlling access to hardware, such as the CPU and memory. Containers are a way to create an isolated environment that runs on top of the Linux kernel. Attackers can exploit this vulnerability in the Linux kernel to escape from containers and get full control over the node.

It is therefore advisable to update your Linux kernel as soon as possible.

Read more:
https://sysdig.com/blog/cve-2022-0185-container-escape/

Other news worth mentioning:

105 Million Android Users Targeted by Subscription Fraud Campaign
Attackers Connect Rogue Devices to Organizations’ Network with Stolen Office 365 Credential
Millions of Routers, IoT Devices at Risk as Malware Source Code Surfaces on GitHub
GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild