Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 22, 2023
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]September 22, 2023Severity Medium Analysis Summary First discovered in 2016, Revenge RAT is a remote access trojan (RAT) designed to give an attacker complete control over an infected […]September 22, 2023Severity High Analysis Summary The Konni APT (Advanced Persistent Threat) group is a cyber espionage group that has been active since at least 2014. It is […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 22, 2023Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]September 22, 2023Severity Medium Analysis Summary First discovered in 2016, Revenge RAT is a remote access trojan (RAT) designed to give an attacker complete control over an infected […]September 22, 2023Severity High Analysis Summary The Konni APT (Advanced Persistent Threat) group is a cyber espionage group that has been active since at least 2014. It is […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
July 11, 2023Rewterz Threat Advisory – Discovery of a New Critical Unauthenticated SQL Injection Vulnerability in MOVEit Transfer Software
July 11, 2023
Severity
High
Analysis Summary
Apple has recently issued a new round of Rapid Security Response (RSR) updates in response to a zero-day vulnerability that has been actively exploited. This vulnerability, identified as CVE-2023-37450, impacts fully-patched iPhones, Macs, and iPads. Apple acknowledges the report from an anonymous security researcher regarding the active exploitation of this vulnerability and has taken swift action to address the issue.
The company urges users to update their systems by installing the RSR patches, emphasizing the importance of these security fixes. The RSR updates are designed to be compact and targeted, providing timely resolutions to security concerns that may arise between major software updates. By releasing these patches, Apple aims to protect users from potential threats and ensure the security of their devices.
In addition to the regular RSR updates, Apple may also release out-of-band security updates in response to actively exploited vulnerabilities. These updates are specifically designed to counter the security risks posed by such vulnerabilities and provide immediate protection for users. It is crucial for users to stay vigilant and promptly install any security updates offered by Apple to safeguard their devices and data.
If users have disabled automatic updates or choose not to install the RSR patches when prompted, they need not worry as their devices will still receive the necessary patches through future software upgrades. Apple remains committed to delivering comprehensive security measures to its user base, regardless of their update preferences.
The emergency patches released today encompass various Apple products. These include macOS Ventura 13.4.1 (a), iOS 16.5.1 (a), iPadOS 16.5.1 (a), and Safari 16.5.2. These updates specifically address the vulnerability found in Apple’s WebKit browser engine, which serves as the foundation for various web-related functionalities across Apple’s ecosystem.
The identified flaw in the WebKit browser engine allows attackers to execute arbitrary code on targeted devices. To exploit this vulnerability, attackers employ social engineering techniques to deceive users into visiting websites that contain carefully crafted malicious content. Once users access these compromised websites, the attackers can take advantage of the vulnerability to execute code remotely and potentially gain unauthorized access to sensitive information.
Given the severity of the vulnerability and the active exploitation reported, Apple’s immediate response in the form of RSR updates is essential to mitigate the risks. Users are strongly advised to prioritize the installation of these security updates to protect their devices and personal data from potential attacks.
By promptly addressing security vulnerabilities and delivering timely patches, Apple demonstrates its ongoing commitment to user safety and the protection of their digital lives. Users should remain vigilant, keep their devices up to date with the latest security patches, and exercise caution when browsing the web to minimize the risk of falling victim to such exploits.
The company addressed this security weakness with improved checks to mitigate exploitation attempts.
%20RSR.png)
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-37450
Affected Vendors
Apple
Affected Products
- Apple iOS 16.5.1
- Apple iPadOS 16.5.1
- Apple macOS Ventura 13.4.1
Remediation
- Refer to Apple security document for patch, upgrade or suggested workaround information. (Apple iOS 16.5.1 and iPadOS 16.5.1 Apple macOS Ventura 13.4.1)
- Install Apple’s Rapid Security Response (RSR) patches to address the zero-day vulnerability.
- Enable automatic updates to ensure continuous protection against emerging vulnerabilities.
- Stay informed by checking Apple’s security advisories for the latest patches and vulnerabilities.
- Exercise caution when browsing the web to minimize the risk of encountering malicious content.
- Report any suspicious activities or attacks related to the vulnerability to Apple’s security team.
- Follow security best practices, such as using strong passwords and enabling two-factor authentication.
- Maintain device hygiene by using reputable security software and regularly scanning for malware.