Experts criticize Apple's attitude toward fixing "macOS": "Why not distribute patches right away?" (Voices on Apple's vulnerabilities [Part 1])

 The blog entry was written by Thomas Reed, director of the Apple client device and mobile device field at Malwarebytes. Reed focuses on a "watering hole attack" aimed at Hong Kong's pro-democracy political organizations and news organizations. A watering hole attack is an attack method that plants malware on a website the targets often use. According to Reed, the Trojan horse (malware that begins its attack under specific conditions) abused in this watering hole attack has been in circulation since 2019 but has hardly been detected.

 This watering hole attack abuses the following two vulnerabilities in "macOS".

  • CVE-2021-30869
  • CVE-2021-1789

 Apple fixed CVE-2021-1789 and CVE-2021-30869 in version 11.2 of "macOS Big Sur", released in February 2021. macOS Big Sur was the latest major version of macOS at that time. For previous versions such as "macOS Catalina" and "macOS Mojave", on the other hand, the company provided patches at different times.

 CVE-2021-1789 is fixed on macOS Catalina version 10.15 and macOS Mojave version 10.14 once the update to version 14.0.3 of the web browser "Safari" is applied. Apple released the update to Safari version 14.0.3 at the same time as macOS Big Sur version 11.2.

 As for CVE-2021-30869, Apple fixed it in macOS Catalina in September 2021, more than six months after it was fixed in macOS Big Sur. The company announced "macOS Monterey" in June 2021 as the latest major version of macOS and released it in October of the same year.

 The two vulnerabilities were first reported by the Google Threat Analysis Group. According to the company, the number of attack attempts had reached 200 before the company became aware of them.
