Apple on Tuesday (13th Dec) rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new ‘zero-day vulnerability’. The company said it’s “aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.”
A ‘zero-day vulnerability’ is a vulnerability in a system or device that has been disclosed but is not yet patched.
While details surrounding the exact nature of the attacks are as of yet unknown, it’s likely it involves a case of social engineering to infect the devices when visiting a rogue or legitimate-but-compromised domain via the web browser.
Valkyrie are great believers in raising awareness. Users need to know the threats and ensure at the very least all patching is up to date. These updates not only include new usability features, it also includes security updates which allows you to minimise your risk of a security breach