[SANS ISC] Apple Patches for CVE-2021-30807, (Tue, Jul 27th)

Apple has released another update (previous update was only about 5 days ago) to address CVE-2021-30807 that was discovered by an anonymous researcher. This update resolves an issue with IOMobileFrameBuffer which could allow an application to execute arbitrary code with kernel privileges [1], [2]. This issue may have been actively exploited.

As Apple has indicated that this issue may have been actively exploited, it is recommended that affected devices be updated as soon as possible.

[1] https://support.apple.com/en-us/HT212622
[2] https://support.apple.com/en-us/HT212623

Yee Ching Tok, ISC Handler
Personal Site

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Source: Read More (SANS Internet Storm Center, InfoCON: green)

You might be interested in …

[ZDNet] DOJ charges and sanctions REvil leaders behind Kaseya attack, seizes $6 million in ransoms

All posts, ZDNet

The US also sanctioned the Chatex cryptocurrency exchange for allegedly helping ransomware groups launder money. Source: Read More (Latest topics for ZDNet in Security)

Read More

[TheRecord] Azure, GitHub, GitLab, BitBucket mass-revoke SSH keys following bug report

Microsoft, GitHub, GitLab, and BitBucket —four of today’s largest code hosting portals— have initiated mass revocations of SSH keys on Monday after the discovery of a vulnerability in a popular Git software client named GitKraken. The mass revocations come at the request of Arizona-based software company Axosoft, which developed GitKraken and is the one who […]

Read More

[ThreatPost] Unusual ‘Donald Trump’ Packer Malware Delivers RATs, Infostealers

All posts, ThreatPost

The ‘DTPacker’ downloader used fake Liverpool Football Club sites as lures for several weeks, a report finds. Source: Read More (Threatpost)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.