Apple's Security Breach

CISA Issues Urgent Patching Directive

The United States Cybersecurity and Infrastructure Security Agency (CISA) has added three Apple operating system flaws to its Known Exploited Vulnerabilities Catalogue, urging federal agencies to patch them due to significant risk

The vulnerabilities, including those affecting Apple's web content rendering engine, are common targets for cyber attacks, according to CISA

Apple issued patches for the flaws last week, with two of them being addressed through the Rapid Security Response system for urgent updates

The affected Apple operating systems include Safari web browser, watchOS, tvOS, iOS, iPadOS, and macOS

The three vulnerabilities allow attackers to escape the browser sandbox, access sensitive information, and execute arbitrary code on compromised devices

The flaws were likely exploited in state-backed spyware attacks, as they were reported by researchers from Google's Threat Analysis Group and Amnesty International's Security Lab

Federal agencies, as per a binding operational directive, must deploy the patches before or on June 12, 2023, and private companies are advised to prioritize fixing the vulnerabilities as well

Insights into Global Cybersecurity Attacks

Learn more about active threat actors and find insightful information from Sectrio's OT and IoT global threat landscape assessment report 2023