Apple Vulnerabilities Lead to First-Ever Guidance


Most security concerns revolve around personal computers (PCs) running the Windows Operating System (OS).

After all, these devices make up the bulk of enterprise IT environments. However, recent Apple vulnerabilities prove you can’t overlook their weaknesses, either.

In fact, the National Institute of Standards and Technology (NIST) has even issued the first guidance of its kind as a result (more on that below).

Even operational technology (OT), such as industrial control systems, building management systems, and fire control systems, can provide an attacker with access to your networks and other resources.

So, even though Microsoft normally dominates headlines with necessary patches, these Apple vulnerabilities pose serious problems, too.

Let’s take a look at some of the latest reasons why no systems are immune to attack.

Apple Vulnerabilities with Emergency Updates

Most enterprises allow Apple iPhone/iPad OS (iOS) and Macintosh OS (macOS) devices to update automatically. However, some enterprises disable automatic updates, while some users delay restarts and installations.

With that in mind, two Apple vulnerabilities in particular need your attention. Both are actively exploited zero-day bugs in iOS/macOS, so affected devices need to be updated immediately. One vulnerability resides in the kernel, the core of the OS. This flaw can allow an attacker to execute arbitrary code.

The second of these Apple vulnerabilities is related to the WebKit incorporated into the Safari browser. Here, attackers can craft code for websites that could enable execution of arbitrary code on the device.

In response, Apple pushed out emergency updates to the current OS versions, and to Safari for the older Big Sur and Catalina macOS.

macOS Zero Days

While Apple users are generally very fond of their devices, as noted above, these products aren’t immune to zero-day bugs, either.

In fact, seven zero-day Apple vulnerabilities have been patched in 2022, including one related to Zoom, two related to graphics and media, two other bugs that could affect the kernel, and another associated with WebKit.

One flaw that was fixed twice in 2021 even undermined all security layers on macOS, because it broke a basic functionality of the OS.

Even if PCs make up the majority of your devices, make sure to properly update any of your macOS products.


Mac Attacks

Attackers know certain devices tend to reside within certain levels of business. As such, they often target macOS devices, which tend to be reserved for executives or other high-value employees who can justify their high-end prices.

For example:

  • North Korean hackers associated with the Lazarus group impersonated Coinbase to target programmers on LinkedIn with fake PDF files. These files contained malware specifically compiled for macOS users.
  • The CloudMensis malware installed back doors on macOS devices and bypassed the macOS Transparency, Consent, and Control system to steal user data.
  • Chinese hackers compromised Linux and macOS devices earlier this year with data-stealing backdoors.

It’s proof that for every system out there, attackers find ways to strike.

First Ever macOS Guidance for Endpoint Protection

NIST published guidance for securing macOS endpoints for the first time ever this summer. NIST built on the open-source macOS Security Compliance Project, and seeks to simplify and standardize macOS security development in the federal government.

Adopting NIST guidelines is useful not only to better secure your systems, but also to comply with many other standards, from Apple vulnerabilities to fraud prevention strategies.


Operational Technology Vulnerabilities

OT devices were once protected from attacks, because they were ‘dumb’ controllers hard-wired to machines and little else.

However, the drive to extend control and extract data from OT has led to new types of Wi-Fi and network connections. While this unlocks enormous potential, it also exposes these devices to attack.

Recent vulnerabilities include:

 

Many OT vulnerabilities tend to be overlooked. As a result, government agencies do their best to instill a sense of urgency. In April 2022, CISA, NSA, FBI, and the Department of Energy jointly warned of hacking groups specifically seeking to target industrial control systems (ICS) and OT.

Despite warnings and common vulnerabilities, researchers discovered 9,000 virtual network computing (VNC) endpoints exposed to the internet without authentication. VNCs provide remote connections to monitor and adjust OT and ICS systems, and should always be secured – at the very least by a password and username.
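To check your own VNC inventory for this condition, the added example below (not part of the original article) parses the opening bytes a VNC server sends during the RFB handshake and flags any endpoint that offers security type 1, "None". The hostnames and captured bytes are constructed, and the code assumes the capturing client echoed the server's protocol version.

```python
import re
import struct

# Security-type codes from RFC 6143 (subset); 1 means no authentication at all.
SECURITY_TYPES = {1: "None", 2: "VNC Authentication", 18: "TLS", 19: "VeNCrypt"}

def offered_security_types(banner: bytes, security_msg: bytes) -> list:
    """banner: the server's 12-byte ProtocolVersion message.
    security_msg: what the server sent after the client echoed that version."""
    m = re.fullmatch(rb"RFB (\d{3})\.(\d{3})\n", banner)
    if not m:
        raise ValueError("not an RFB ProtocolVersion message")
    if (int(m.group(1)), int(m.group(2))) < (3, 7):
        # RFB 3.3: the server picks one type and sends it as a big-endian U32.
        if len(security_msg) < 4:
            raise ValueError("truncated security-type message")
        (chosen,) = struct.unpack(">I", security_msg[:4])
        return [chosen] if chosen else []  # 0 = connection refused
    # RFB 3.7 and later: a U8 count, then that many U8 type codes.
    if not security_msg:
        raise ValueError("truncated security-type message")
    count = security_msg[0]
    types = security_msg[1:1 + count]
    if len(types) != count:
        raise ValueError("truncated security-type list")
    return list(types)  # empty when count is 0 (refused, reason string follows)

def audit(host: str, banner: bytes, security_msg: bytes) -> dict:
    types = offered_security_types(banner, security_msg)
    if 1 in types:
        verdict = "FAIL: no authentication required"
    elif types:
        verdict = "OK: authentication required"
    else:
        verdict = "REFUSED: server rejected the connection"
    names = [SECURITY_TYPES.get(t, f"type {t}") for t in types]
    return {"host": host, "offers": names, "verdict": verdict}

# Constructed handshake captures (hostnames and bytes are made up for this example).
SAMPLES = [
    ("hmi-01.example.internal", b"RFB 003.008\n", b"\x01\x01"),
    ("hmi-02.example.internal", b"RFB 003.008\n", b"\x02\x02\x13"),
    ("plc-gw.example.internal", b"RFB 003.003\n", b"\x00\x00\x00\x01"),
    ("bms-01.example.internal", b"RFB 003.008\n", b"\x00\x00\x00\x00\x04busy"),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(audit(*sample))
```

A server that offers "None" alongside an authenticated type is still flagged, because the connecting client chooses which offered type to use.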

Eliminating Exposure to Apple Vulnerabilities and Other Issues

Though less popular targets, macOS, iOS, and OT still suffer attacks.

Even for vulnerabilities you can’t patch, basic security principles can add network isolation, firewall protection, and other mitigations. These all work together to ensure even your weakest devices won’t exceed your risk tolerance.

When urgency or expertise is required, outsourcing can provide a cost-effective solution to protect your organization. Blue Bastion, along with the added support of Ideal Integrations, provides no-obligation consultations, and can explain how our security experts can quickly resolve existing Apple vulnerabilities, as well as any other issues that pop up. We can even provide ongoing monitoring against new attacks.

Contact our team at 412-349-6680, or fill out the form below, and our team of cybersecurity experts will create the perfect plan to protect your organization!

And, as always, stay vigilant.
