Take a look at this week's Cyber Weekly Digest for a rundown of the latest cyber security news from across the globe, including the latest news on the MGM cyber attack and the latest zero-day vulnerabilities patched by Apple. Keep reading to stay up to date on our top news picks from the week.
Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days fixed this year. Two bugs were found in the WebKit browser engine (CVE-2023-41993) and the Security framework (CVE-2023-41991). These enabled attackers to bypass signature validation using malicious apps or gain arbitrary code execution via maliciously crafted web pages. The third one was found in the Kernel Framework, which provides APIs and support for kernel extensions and kernel-resident device drivers. Local attackers can exploit this flaw (CVE-2023-41992) to escalate privileges.
The International Criminal Court (ICC) disclosed a cyberattack on Tuesday after discovering that its systems had been breached last week. At the end of last week, the International Criminal Court's services detected anomalous activity affecting its information systems, and the Court is now taking measures to respond to and mitigate the incident. At present, there is no available information regarding the nature of the cyber attack, the extent of its impact on the ICC's systems, or whether the perpetrators managed to access or exfiltrate any data or files from its network. It does not appear that any ransomware or other criminal gangs have yet claimed credit for the infiltration.
Trend Micro has released patches to address a critical security flaw in its Apex One and Worry-Free Business Security Windows solutions that has been actively exploited in real-world attacks. Tracked as CVE-2023-41179 (CVSS score: 9.1), the vulnerability relates to a third-party antivirus uninstaller module bundled with the software. Trend Micro said successfully exploiting the flaw could allow an attacker to manipulate the component to execute arbitrary commands on an affected installation. However, it requires the adversary to already have administrative console access to the target system. Trend Micro claimed it observed at least one case of potential exploitation in the wild.
Earlier this week, T-Mobile customers said they could see other people's accounts and billing information after logging into the company's official mobile application. The exposed data included customers' names, phone numbers, addresses, account balances, and credit card details like the expiration dates and the last four digits. Despite the significant wave of customers reporting that they've been affected by this issue, T-Mobile says the incident had limited impact, affecting fewer than 100 individuals. The incident is the ninth data breach the company has suffered since 2018 and the third this year.
Ten days after the devastating ransomware attack, MGM's hotels and casinos are back up and running. Some sources claim that MGM lost roughly $8 million daily while its operations were shut down. An affiliate of the notorious ransomware group Alphv, a Russia-based gang known as BlackCat, claimed responsibility for the MGM attack this week. The attack supposedly began with a social engineering phone call, which quickly led to guests being unable to access their rooms and the casino's machines being down.