Weekly News Digest #7

Hackers claim they can now jailbreak Apple’s T2 security chip

Last week security researchers have published the information about security flaws they’ve found in the Apple T2 security chip, which provides security features for iPhone, Mac, and MacBook devices. That allows attackers to gain full control of these devices and modify their OS. Potentially, it can have a dangerous impact on users. Apple doesn’t comment on it officially.

Link here

Microsoft Azure Flaws Open Admin Servers to Takeover

Microsoft has patched two critical security flaws in Azure, which allow an attacker to build a kill chain and perform remote code execution with admin rights on Azure infrastructure. These vulnerabilities were reported by researchers to Microsoft a month ago, and Microsoft has fixed them, so now Azure isn’t affected.

Link here

55 New Security Flaws Reported in Apple Software and Services

A team of five researchers reported to an Apple company more than 50 vulnerabilities in Services and software. These vulnerabilities were with different impacts, 29 with high severity, 13 — medium, and 2 — low. Apple fixed vulnerabilities. That’s another good case of how profitable a bug bounty program can be.

Link here

Microsoft Warns of Android Ransomware Abusing Notification Services

Microsoft disclosed that they spotted sophisticated Android ransomware attacks that abuse notification services. Ransomware used these services to show user notes, usually a fake police notice informing the victim that explicit images had been found on their device, and instructing them to pay a fine within 24 hours.

Link here

Springfield Public Schools district hit with ransomware

Over 60 schools in Springfield district were shut down after the ransomware attack. More than 25,000 students and 4,000 employees were affected due to this attack, so the learning process was stopped. It’s yet another case to have warned about ransomware and how critical is cybersecurity.

Link here