US cybersecurity experts: They exploit fictitious identities and pretend to be elsewhere. They are mainly proposed for remote jobs and involving cryptocurrencies.
Apple fixes two zero-day critical vulnerabilities: one is the CVE-2022-22587 and the other, the CVE-2022-22594. The first one is already actively exploited by cybercrime actors
Apple fixed two zero-day critical vulnerabilities, one of them already exploited by cybercrime actors to compromise targeted systems. It did in a security bulletin for iOS 15.3 and iPadOS 15.3. One of the two critical flaws is the CVE-2022-22587, a memory corruption issue that resides in the IOMobileFrameBuffer and affects iOS, iPadOS, and macOS Monterey. The exploitation leads a remote attacker to arbitrary code execution with kernel privileges on compromised devices. The other, is the CVE-2022-22594, a Safari WebKit issue that impacts iOS and iPadOS. Due to the vulnerability, a website could track user browsing activity and identities in real-time.