Connect with us
Apple fixes 0 day vulnerability in iOS and macOS Apple fixes 0 day vulnerability in iOS and macOS

Security

Apple fixes 0-day vulnerability in iOS and macOS

Published

on

The vulnerability is already the sixteenth zero-day vulnerability patched by Apple this year.

Apple has released fixes for a zero-day vulnerability in iOS and macOS, which, according to the Google security team, is already actively exploited by hackers.

The vulnerability, identified as CVE-2021-30869, is present in the XNU kernel component on modern Apple operating systems.

As Shane Huntley, head of the Google Threat Analysis Group, explained, the vulnerability in XNU is one of two links in the exploit chain. Hackers use it, together with a known vulnerability in WebKit, to execute malicious code in the victim’s browser and escalate its privileges in order to gain control over the attacked device.

Huntley said his team will provide more details about the attacks in 30 days so that users have time to update, as the probability of attacks will increase significantly after publication.

Security updates have been released for macOS Catalin and iOS 12.5.5, which means the vulnerability does not affect newer iOS versions such as iOS 14 and 15.

Apple also ported two patches for other zero-day vulnerabilities released on September 13, 2021. Originally targeted at iOS 14 (CVE-2021-30860 and CVE-2021-30858), fixes are now also available for older iPhones running iOS 12.

The vulnerability in XNU is the sixteenth zero-day vulnerability patched by Apple this year.

Click to comment

Leave a Reply

Your email address will not be published.

Security

Hacker who earned $27 million in cyberattacks will spend 20 years in prison and pay $21 million in fines

Published

on

Hacker who earned 27 million in cyberattacks will spend 20

A Florida district court has sentenced 34-year-old IT engineer Sebastien Vashon-Desjardins to 20 years in prison for carrying out at least 90 cyberattacks.

Hacker who earned $27 million in cyberattacks will spend 20 years in prison and pay $21 million in fines

It is noted that for several years of his activity, the hacker, using the NetWalker encryption virus, earned about $ 27 million. A search of Vashon-Desjardins revealed a crypto wallet containing 719 bitcoins, which was about $22 million at the time of the cybercriminal’s arrest in January 2022.

According to investigators, the 34-year-old cybercriminal acted in collusion with other hackers. Vashon-Desjardins himself played the role of an attacker: he infected the corporate networks of various companies with a virus and then demanded a ransom from them. Organizations from the USA, Canada and a number of European countries suffered from the activities of the criminal.

It is noted that, in addition to the prison term, the court also imposed a fine on Vashon-Desjardins in the amount of $ 21 million. Also, the criminal will have to pay compensation to the companies affected by his actions. The amount of damages has not yet been established.

Continue Reading

Components

Unique behavior of Ryzen 7000 processors. The notorious patches from the Specter vulnerability improve the performance of new CPUs

Published

on

Unique behavior of Ryzen 7000 processors The notorious patches from

Recently, various vulnerabilities in processors have been talked about much less often, and users no longer worry about performance degradation due to patches. As it turns out, Ryzen 7000 processors generally benefit from such patches!

Unique behavior of Ryzen 7000 processors. The notorious patches from the Specter vulnerability improve the performance of new CPUs

At least this is true for Linux, since it was in this OS that the author tested the Ryzen 9 7950X and Ryzen 5 7600X. It turned out that when working out of the box, the CPUs show better performance than when loading a special version of Linux with a deactivated patch from the Specter V2 vulnerability.

Unique behavior of Ryzen 7000 processors. The notorious patches from the Specter vulnerability improve the performance of new CPUs

Of course, such results do not appear everywhere, and during normal work they are unlikely to be critical. In particular, in total, according to the results of 190 tests, the difference was only 3%.

Continue Reading

Gaming

PlayStation 5 has been hacked. You can install games, but you can’t run them yet

Published

on

PlayStation 5 has been hacked You can install games but

Nearly two years after the PlayStation 5 went on sale, modders have found a way to jailbreak the console, albeit with some restrictions.

IGN notes that the modder, known as SpecterDev, disclosed an apparent jailbreak that is described as an experimental IPV6 kernel exploit exploiting a WebKit vulnerability.

The jailbreak will only work on PS5 systems with firmware 4.03 or later. If you’ve updated your PS5 since October last year, you won’t be able to try the exploit. But even if you need firmware, an attempt to install a jailbreak works only in a third of cases.

PlayStation 5 has been hacked.  You can install games, but you can't run them yet

As for what you can do with a jailbroken PS5 right now, you’ll get access to the system’s debug menu. You can also install games from outside the PlayStation Store, but you cannot run third-party software.

Modder Lance McDonald tested the jailbreak and was able to install the PT demo, the famous teaser of the canceled Silent Hills game. However, he was unable to start playing the game. Although the exploit offers read/write access to the PS5, there is currently no way to execute the downloaded files. In any case, PT is not backwards compatible with PS5.

It is currently unlikely that this jailbreak will be widely used anytime soon due to its limitations and the fact that Sony can ban modder accounts. On top of that, there is a risk of locking the console at that time. However, it may give other hackers and modders a foundation to build more robust jailbreak tools.

Continue Reading

Most Popular