Apple's patching policy | Trending TikTok challenges
CyberInsights #71
Apple patches only latest OSs
Apple clarifies its patching policy. It matters more than you think.
There is a nondescript note in Apple’s “About software updates” page that says:
Note: Because of dependency on architecture and system changes to any current version of macOS (for example, macOS 13), not all known security issues are addressed in previous versions (for example, macOS 12).
Older versions of Apple OS’ do not get patched as often as the latest version.
ArsTechnica did a piece on this last month. Security researchers have observed this for some time, but now it is documented.
Take Action:
Check the number of Apple devices connected to your network. Flag older versions of Apple OS in your asset inventory software and keep an eye out for news about high vulnerabilities found in these operating system.
Eventually, you will have to take a policy decision, either to upgrade corporate Macs to the latest versions or accept the risk and live with it.
Trending TikTok challenges to distribute malware
Naked people sell. Malware distributors know and use this.
TikTok is always in the news. This time because of a trending challenge. The “invisible challenge” on Tik-Tok, is where people pose naked, but use a filter to called “Invisible Body” to hide their bodies.
Apps promising to remove the filter soon popped up. People downloaded them and (yawn!) there was a malware in them.
It was the WASP information stealing malware which is showing up in various Python packages. There are multiple releases and are being released faster than PyPi can block them.
Read more about the WASP malware and its removal here.
Take Action:
Awareness, awareness, awareness - Train your teams to recognise this type of social engineering. There is a whole chapter in Monkey, Shakespeare, Typewriter: Cybersecurity for Everyone dedicated to this.
Ask people to scan their phones using their antivirus to check for WASP related malware.
Enjoyed reading? Receive this in your email every week.