Apple, Google Patch iOS, Chrome Zero-Days Exploited by Hackers
Read also: Microsoft disrupts a phishing operation targeting NATO countries, the use of wiper malware expands beyond Ukraine, and more.
Thursday, August 18, 2022
Apple rolls out security updates to address two zero-days in iOS, macOS platforms
Apple has released security updates for its iOS, iPadOS, and macOS operating systems to fix two zero-day vulnerabilities said to have been actively exploited by malicious attackers.
Two zero-days, tracked as CVE-2022-32893 and CVE-2022-32894 affect all three platforms, both are described as an out-of-bounds write issue. The first bug affects WebKit, a web browser engine used by Safari, Mail, App Store and other applications, and could be used for arbitrary code execution via malicious web content.
The second flaw resides in the OS’ kernel and could be exploited by a malicious app to execute arbitrary code with kernel privileges.
The tech giant didn’t provide additional information regarding attacks that exploited the above mentioned bugs, or when they took place and who they targeted.
Google patches fifth Chrome zero-day since beginning of 2022
Google has released a security update for its Chrome web browser to fix more than ten vulnerabilities, including a zero-day flaw, which is being exploited in the wild. This marks the fifth Chrome zero-day issue Google has remedied since the start of 2022.
As per usual, Google has refrained from sharing technical details on the vulnerability (CVE-2022-2856), as well as cases related to its exploitation, only explaining that it is a security issue that stems from “insufficient validation of untrusted input in Intents,” a feature that allows to launch apps and web services directly from a web page.
UK water supplier targeted in a Cl0p ransomware attack
South Staffordshire, a UK drinking water supplier, which provides water to 1.6 million customers daily, was hit with a Cl0p ransomware attack that disrupted the organization’s corporate IT systems but, luckily, did not affect water supply.
In a post on their data leak website the operators behind the Cl0p ransomware claimed the responsibility for the intrusion but initially named a wrong victim - Thames Water, one of the UK’s largest drinking water suppliers. Shortly after, the gang corrected their error, naming South Staffordshire as the actual victim.
Following the news of the incident Thames Water disputed the claims of the alleged hack and denied the breach of its systems.
The use of wiper malware expands beyond Ukraine to 24 countries
Threat actors are increasingly using more destructive and sophisticated attack techniques, a new report from Fortinet reveals. The researchers said they discovered at least seven new variants of disk-wiping malware in H1 2022 that have been used in attacks against government, military organizations and private businesses. Furthermore, it appears that the use of wipers is increasingly expanding beyond the Russo-Ukrainian war, as researchers detected wiper malware in 24 countries in the first half of 2022.
Another troubling trend Fortinet observed is the rise in new ransomware variants, with the number increasing by nearly 100% compared to the previous six-month period. As per the report, the growth in ransomware is mainly caused by increasing popularity of Ransomware-as-a-Service (RaaS) business models on the dark web.
Experts warn of phishing attacks by Russian hackers targeting NATO countries
Microsoft said it took action to disrupt a cyber-espionage operation by a “highly persistent” hacker group believed to be working on behalf the Russian government that has targeted people and organizations in NATO countries, particularly the United States and the United Kingdom.
Tracked as Seaborgium, the group is focused on espionage and information operations that involve phishing and credential stealing attacks, as well as so called “hack-and-leak” campaigns, where stolen data is “used to shape narratives in targeted countries.”
Seaborgium’s targets include defense and intelligence consulting companies, non-governmental organizations (NGOs) and intergovernmental organizations (IGOs), think tanks, and higher education institutions.
What’s next:
- Follow ImmuniWeb on Twitter and LinkedIn
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Application Security Weekly is a weekly review of the most important news and events in cybersecurity, privacy and compliance. We cover innovative cyber defense technologies, new hacking techniques, data breaches and evolving cyber law. 
