Weekly Cybersecurity Update: Uncovered iOS Vulnerabilities, 4Chan Security Breach, NTLM Exploits, and WhatsApp Spyware Discoveries
or a commonly used messaging app.
This week, we’ll explore such examples of attacks and understand ongoing cybersecurity risks, from devastating iOS zero-days to major 4Chan data breaches, from the abuse of NTLM protocols to new WhatsApp spyware.
iOS Zero-Days
The cybersecurity community saw a significant dent in Apple’s previously untouched security record this week, as Google Project Zero researcher Samuel Groß (@5aelo) identified four zero-day vulnerabilities in the iOS Mail app.
These discoveries left the iOS Mail app exposed to a remote “zero-click” attack, meaning one that is initiated without any user interaction, and they call for an immediate patch. ZecOps, a cybersecurity firm, corroborated this with reports of feasible exploits against high-profile users, but Apple, while acknowledging the vulnerabilities, refuted their exploitability.
4Chan Breach
This week, 4Chan, a widely used imageboard website, disclosed a data breach that leaked users’ IP and email addresses.
The breach involved hackers exploiting a code injection vulnerability in the administrators’ control panel. 4Chan responded promptly, informing users of the breach, taking corrective measures, and subsequently launching an inquiry.
The scale of this breach shows the potential harm to many users and serves as a stern reminder for forums to reinforce their security measures.
NTLM Exploits
Microsoft’s recent wave of ‘Patch Tuesday’ updates flagged multiple vulnerabilities within NT LAN Manager (NTLM).
Alerts were issued to Windows administrators about these vulnerabilities, which could potentially allow hackers to take over a Windows domain controller. CVE-2020-0968 and CVE-2020-1153 are among the high-severity vulnerabilities identified under Patch Tuesday.
To mitigate these issues, administrators should apply the patches immediately and disable NTLM where possible.
WhatsApp Spyware
Cybersecurity researchers flagged a surge of attacks via WhatsApp, in which a malicious actor could trigger remote code execution (RCE) on target devices through WhatsApp’s call functionality.
This malicious activity was linked to a known cyber espionage group, NSO Group, and its Pegasus spyware.
It is advisable for WhatsApp users to update their apps regularly to receive the latest patches and security updates.
Note: While we strive to provide readers with the latest information and updates, security is a fast-paced, ever-changing field.
As such, we advise everyone to always stay informed, be vigilant, and practice good cyber hygiene.