If nothing else, Apple’s most recent emergency security update should be considered proof of an increasingly tense security environment.
Enterprises must understand that while Apple maintains a pretty solid ecosystem — certainly at present the most secure, even according to Cisco — that doesn’t mean it’s entirely safe, and every Apple customer needs to get wise to the growing proliferation of threats.
With more and more business users turning to the company’s solutions, it’s important to get ahead of the threat.
What is the current threat environment?
The latest Orange Cyberdefense Security Navigator Report claims a global 46% surge in cyber-extortion attacks across the last year — and warns that just over a third (37.45%) of detected incidents originated from internal actors, not all of these by accident.
With employees and trusted insiders remaining the soft vulnerable point for a third of attacks, it’s essential every business and every user spend time learning about the best approach to online security.
The Orange report points out that attacks are taking place at strategic points in the supply chain. It warns that larger enterprises are the most targeted entities, and points to a surge in attacks against the manufacturing sector.
Ransomware, it seems, has become so prevalent that some of the more organized groups now host help desks targets can contact for assistance — and to arrange payment and data recovery.
Weaponizing WebKit
Keep these findings in mind as you consider Apple’s latest emergency security updates. Released at the end of November, these address two zero-day vulnerabilities (CVE-2023-42916 and CVE-2023-42917) that have been exploited by hackers to access sensitive information on Apple devices and/or to execute arbitrary code by using malicious webpages to take advantage of a memory corruption bug.
Michael Covington, vice president of portfolio strategy at Jamf, explained:
“These latest OS updates, which address bugs in Apple’s WebKit, show that attackers continue to focus on exploiting the framework that downloads and presents web-based content. The latest bugs could lead to both data leakage and arbitrary code execution and appear to be tied to targeted attacks that are common against high-risk users.”
It’s quite natural that WebKit has become a prime attack target against Apple’s devices.
Can it get worse? Probably
That’s inevitable as the company at present won’t support other browser engines, meaning that even non-Apple browsers make use of WebKit. This might change as regulators seem insistent on forcing Apple to open up, though when it does, it will allow criminals to try multiple web engines and app stores to crack their way into Apple’s devices. We’ll see how that goes.
Security researchers, meanwhile, continue to kick WebKit around in their attempt to find vulnerabilities before the bad guys do, and hopefully get an Apple security bounty payment for…
2023-12-07 02:41:03
Link from www.computerworld.com rnrn