Last week security researchers have published the information about security flaws they’ve found in the Apple T2 security chip, which provides security features for iPhone, Mac, and MacBook devices. That allows attackers to gain full control of these devices and modify their OS. Potentially, it can have a dangerous impact on users. Apple doesn’t comment on it officially.
Microsoft has patched two critical security flaws in Azure, which allow an attacker to build a kill chain and perform remote code execution with admin rights on Azure infrastructure. These vulnerabilities were reported by researchers to Microsoft a month ago, and Microsoft has fixed them, so now Azure isn’t affected.
A team of five researchers reported to an Apple company more than 50 vulnerabilities in Services and software. These vulnerabilities were with different impacts, 29 with high severity, 13 — medium, and 2 — low. Apple fixed vulnerabilities. That’s another good case of how profitable a bug bounty program can be.
Microsoft disclosed that they spotted sophisticated Android ransomware attacks that abuse notification services. Ransomware used these services to show user notes, usually a fake police notice informing the victim that explicit images had been found on their device, and instructing them to pay a fine within 24 hours.
Over 60 schools in Springfield district were shut down after the ransomware attack. More than 25,000 students and 4,000 employees were affected due to this attack, so the learning process was stopped. It’s yet another case to have warned about ransomware and how critical is cybersecurity.
Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.