Cybersecurity Weekly: Apple flaws, Azure vulnerabilities, hackers buying network access

Infosec_SamInfosec_Sam Security+, CCENT, ITIL Foundation, A+Madison, WIAdmin Posts: 516 Admin

Fifty-five new security flaws were reported in Apple software and services. Researchers find vulnerabilities in Microsoft Azure cloud service. Security staff are being forced to upskill in their own time. All this, and more, in this week’s edition of Cybersecurity Weekly.

1. Fifty-five new security flaws reported in Apple software and services

A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws meant a bad actor could easily hijack a user's iCloud account and steal all the photos, calendar information, videos and documents, in addition to forwarding the same exploit to all of their contacts.
Read more »

2. Researchers find vulnerabilities in Microsoft Azure cloud service

Two security flaws in Microsoft's Azure App Services could have enabled a bad actor to carry out server-side request forgery attacks or execute arbitrary code and take over the administration server. This enables an attacker to quietly implant malicious phishing pages through Azure Portal to target system administrators.
Read more »

3. Ransomware gangs can buy network access in cyberattack shortcut

For prices ranging between $300 and $10,000, ransomware groups have the opportunity to easily buy initial network access to already-compromised companies on underground forums. Researchers warn this opportunity gives groups like Maze or Sodinokibi the ability to more easily kickstart ransomware attacks across various industries.

Read more »

For more cybersecurity news stories like these, check out the blog »

Looking for certification prep and technical skills development content? Visit our website to check out Infosec Skills! The platform has 70 learning paths, 600 courses and 150 virtual labs where you can try out new skills in a sandboxed environment. Try it free for 30 days with promo code: infoseccommunity

Community Manager at Infosec!
Who we are | What we do
Sign In or Register to comment.