380 vulnerabilities identified on Apple services in 2021… Safari tops the list


Louise Jean

April 16, 2022 at 3:15 p.m.

7

Apple logo © © Unsplash / Laurenz Heymann

© Laurenz Heymann / Unsplash

380 new vulnerabilities were discovered and exploited in the Apple ecosystem in 2021. That’s a 467% increase from the previous year. Most vulnerabilities exploit Safarithe default browser

These vulnerabilities have been detected and exploited by cybercriminals, according to a report by AtlasVPN. From ” billion of people around the world could be affected.

The problem of interconnectivity

Apple’s products and services are known to be interconnected and interchangeable, making it easy to switch from one device to another. Convenient, but dangerous: this inter-connectivity exacerbates vulnerabilities exponentially. A flaw present on a single product will easily have consequences on all connected devices.

The CVE-2021-30858 flaw is the most dangerous detected at Apple, with a CVSS score of 8.8/10. The devices at risk are iPhones and iPads on IOS 14.8 and Macs with macOS Big Sur 11.6. This vulnerability allows malware and ransomware to infiltrate the device, and then to exfiltrate personal data and credentials. Users can protect themselves only by updating their devices as soon as possible.

Google and Microsoft still in the lead

In number of vulnerabilities, Apple remains third behind Google and Microsoft, which have around 500 defects each. Web browsers remain a favorite gateway for hackers, and Microsoft Edge has been the victim of cybercriminals in 2021. Other Microsoft services such as Microsoft Exchange Server have major vulnerabilities, including a flaw rated at 9.8 that allowed hackers from repeatedly attacking American companies last year.

The AtlasVPN report named the worst vulnerabilities of 2021 “Apache Log4j,” a flaw that allows hackers to gain complete control over entire servers and exploit the system without any limits. When these flaws affect tech giants like Microsoft, Apple or Google, billions of users are at risk. A word of advice: update all your devices as soon as possible.

Source : Tech Radar

Article edited on 04/16/2022



Source link -99