10 December 2023

■ Over 30% of Log4J Apps Use a Vulnerable Version of the Library

Approximately 38% of applications employing the Apache Log4j library are utilizing a version susceptible to security issues, including the critical Log4Shell vulnerability (CVE-2021-44228), despite patches being available for over two years.

■ Researchers Exploited GOG Galaxy XPC for Privilege Escalation in macOS

A critical privilege escalation vulnerability affecting macOS devices, specifically those with GOG Galaxy software installed, has been exploited by researchers. The vulnerability (CVE-2023-40713) carries a severity rating of 7.8 (High).

■ New iPhone Hack Convinces Users With Fake Lockdown Mode

A post-exploitation tampering technique has been discovered, enabling malware to visually deceive iPhone users into believing their device is in Lockdown Mode. While Lockdown Mode reduces the attack surface, it does not prevent post-compromise malware execution.

jog4jexploitvulnerabilityiphonemmacprivilege excalationmacoshacklockdown

Lastest news

17 December 2023 16 December 2023 15 December 2023 14 December 2023 13 December 2023 12 December 2023 11 December 2023 10 December 2023

Services News Contact us

Penetration Testing Social Engineering Vulnerability Assessment Secure Web Design

More than Cyber Security

We offer a variety of services to help companies be prepared for real cyber-attacks.