Apple Bug Allows Root Protections Bypass Without Physical Access
Source: Dark Reading
Emergent macOS vulnerability lets adversaries circumvent Apple's System Integrity Protection (SIP) by loading third-party kernels. Cyber defenders are encouraged to ensure systems have been updated with the latest macOS patch, which includes a fix for a vulnerability that exposed the entire operating system to further compromise.
CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks
Source: Security Week
Attackers have been exploiting a second vulnerability in BeyondTrust’s remote management solutions, CISA warns. The US cybersecurity agency CISA is urging federal agencies to patch a second vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) enterprise solutions, based on evidence of active exploitation.
New Amazon Ransomware Attack—‘Recovery Impossible’ Without Payment
Source: Forbes
A new ransomware campaign targeting Amazon Web Services S3 buckets and users by a threat actor known as Codefinger has been confirmed in a Jan. 13 threat intelligence report from Halcyon threat research and intelligence team.Â
PayPal Phishing Campaign Employs Genuine Links to Take Over Accounts
Source: Security Week
A new phishing campaign relies on legitimate links to trick victims into logging in and giving attackers control of their PayPal accounts, Fortinet warns. The phishing emails inform the intended victim of a payment request, providing legitimate-looking details, such as an amount and transaction ID, and even contain warnings that one would typically find in an email from PayPal.
Zero-Day Patch Alert: Ivanti Connect Secure Under Attack
Source: Data Breach Today
Internet appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by suspected nation-state attackers. Security experts urged users of all affected products to immediately update their devices, after factory resetting them, to flush any malware attackers may have installed.