{"id":4991,"date":"2023-06-22T11:47:20","date_gmt":"2023-06-22T09:47:20","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=4991"},"modified":"2023-06-22T11:47:20","modified_gmt":"2023-06-22T09:47:20","slug":"apple-ispravlja-sigurnosne-propuste","status":"publish","type":"post","link":"http:\/\/sajberinfo.com\/en\/2023\/06\/22\/apple-ispravlja-sigurnosne-propuste\/","title":{"rendered":"Apple ispravlja sigurnosne propuste"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">Kompanija <em>Apple<\/em> je objavila sigurnosna a\u017euriranja koja se odnose na tri sigurnosna propusta koja su kori\u0161tena za instalaciju <em>Triangulation<\/em> \u0161pijunskog softvera na <em>iPhone<\/em> ure\u0111ajima preko <em>iMessage<\/em> aplikacije.<\/span><\/p>\n<div id=\"attachment_4992\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-4992\" class=\"size-full wp-image-4992\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/06\/Apple-logo.jpg\" alt=\"Apple logo\" width=\"1024\" height=\"576\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/06\/Apple-logo.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/06\/Apple-logo-300x169.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/06\/Apple-logo-768x432.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/06\/Apple-logo-18x10.jpg 18w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-4992\" class=\"wp-caption-text\"><span style=\"font-size: 14pt;\"><em><span style=\"font-size: 11pt;\">Source: <\/span><\/em><a href=\"https:\/\/wallpapercave.com\/w\/wp5411658\" target=\"_blank\" rel=\"noopener\"><span style=\"font-size: 11pt;\"><em>Wallpapercave<\/em><\/span><\/a><\/span><\/p><\/div>\n<h2><span style=\"font-size: 14pt;\"><strong><em>Operation Triangulation<\/em><\/strong><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><a href=\"https:\/\/sajberinfo.com\/en\/2023\/06\/04\/napad-na-iphone-operation-triangulation\/\" target=\"_blank\" rel=\"nofollow noopener\">Prema ve\u0107 objavljenim informacijama<\/a> do kojih su do\u0161li sigurnosni istra\u017eiva\u010di kompanije <em>Kaspersky<\/em>, napada\u010di koriste eksploatacije bez klika preko <em>iMessage<\/em> platforme da zaraze svoje mete. Koriste\u0107i ove eksploatacije bez klika, napada\u010di mogu pokrenuti ranjivosti na iOS ure\u0111ajima bez ikakve interakcije korisnika. Kada je ure\u0111aj kompromitovan, zlonamjerni softver dobija <em>root<\/em> privilegije, omogu\u0107avaju\u0107i mu potpunu kontrolu nad ure\u0111ajem i podacima korisnika.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"font-size: 14pt;\"><strong>Novo otkri\u0107e<\/strong><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">Pored toga, detaljnija analiza kompanije <em>Kaspersky<\/em> prona\u0161la i funkciju <em>populateWithFieldsMacOSOnly<\/em> u konfiguraciji implanta. Ova funkcija nije u upotrebi kada je k\u00f4d postavljen na <em>iPhone<\/em> ure\u0111aju, ali sugeri\u0161e da postoji i varijanta za <em>macOS<\/em> ure\u0111aje.<\/span><\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"font-size: 14pt;\"><em>\u201cOvaj metod se nigdje ne poziva u iOS implantatu; me\u0111utim, njegovo postojanje zna\u010di da macOS ure\u0111aji tako\u0111e mogu biti ciljani sli\u010dnim implantom.\u201d<\/em><\/span><\/p>\n<p style=\"text-align: right;\"><span style=\"font-size: 14pt;\">&#8211; <a href=\"https:\/\/securelist.com\/triangledb-triangulation-implant\/110050\/\" target=\"_blank\" rel=\"noopener\"><em>Georgy Kucherin, Leonid Bezvershenko i Igor Kuznetsov<\/em><\/a> &#8211;<\/span><\/p>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<h4><span style=\"font-size: 14pt;\"><strong>A\u017euriranje<\/strong><\/span><\/h4>\n<p><span style=\"font-size: 14pt;\">Kompanija <em>Apple<\/em> je <a href=\"https:\/\/support.apple.com\/en-us\/HT201222\" target=\"_blank\" rel=\"noopener\">objavila a\u017euriranje<\/a> kako bi ispravila sigurnosni propust ozna\u010den kao <em>CVE-2023-32434<\/em>. A\u017euriranje se odnosi na skoro sve <em>iPhone<\/em> i <em>iPad<\/em>, kao i <em>Apple<\/em> <em>Watches<\/em> serije <em>3<\/em> i novije i na ure\u0111aje sa <em>macOS<\/em> <em>Ventura<\/em>, <em>Monterey<\/em> i <em>Big<\/em> <em>Sur<\/em> operativnim sistemima.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Ova a\u017euriranja bi trebalo da osiguraju i da se kasnije faze zloupotrebe ne mogu koristiti u odvojenim napadima. A\u017euriranja se odnose i na druga ranjivosti, pa je tako ura\u0111ena ispravka <em>Webkit<\/em> ranjivosti <a href=\"https:\/\/support.apple.com\/en-us\/HT213814\" target=\"_blank\" rel=\"noopener\"><em>CVE-2023-32439<\/em><\/a> u <em>iOS<\/em> i <em>macOS<\/em> operativnim sistemima i za koju postoji sumnja da se mo\u017eda ve\u0107 iskori\u0161tava.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>Kompanija Apple je objavila sigurnosna a\u017euriranja koja se odnose na tri sigurnosna propusta koja su kori\u0161tena za instalaciju Triangulation \u0161pijunskog softvera na iPhone ure\u0111ajima preko iMessage aplikacije. Operation Triangulation Prema ve\u0107 objavljenim informacijama do&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":4992,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[443,446,186,357,342,144,445,444],"class_list":["post-4991","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-apple-watche","tag-big-sur","tag-ios","tag-ipad","tag-iphone","tag-macos","tag-monterey","tag-ventura"],"_links":{"self":[{"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4991","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=4991"}],"version-history":[{"count":0,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4991\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/4992"}],"wp:attachment":[{"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=4991"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=4991"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=4991"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}