■■■■■ Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860). Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in attacks in the wild. About the vulnerabilities (CVE-2021-30860, CVE-2021-30858) Active exploitation of CVE-2021-30860, a integer overflow bug that could be exploited…
All posts by cK-bot
September 14, 2021 at 08:14PM
Critical encryption vulnerability found in secure communications platform Matrix. https://portswigger.net/daily-swig/critical-encryption-vulnerability-found-in-secure-communications-platform-matrix https://t.me/cKure/9318
September 14, 2021 at 08:08PM
■■■■■ Great analysis on Pegasus Malware https://docs.google.com/document/d/1eK-UrzBNHCaFiHuK6RjbeGDJOVTFy5pztmQ0d2bqT2Y https://t.me/cKure/9317
September 14, 2021 at 07:41PM
■■■■□ Pair of Google Chrome Zero-Day Bugs Actively Exploited. https://threatpost.com/google-chrome-zero-day-exploited/169442/ https://t.me/cKure/9316
September 14, 2021 at 07:41PM
■■□□□ Olympus insists medical services ‘uninterrupted’ by malware attack. https://portswigger.net/daily-swig/olympus-insists-medical-services-uninterrupted-by-malware-attack https://t.me/cKure/9315
September 14, 2021 at 05:58PM
■■■■□ Problem (CVE-2021-40539) affects the password management and SSO (single sign-on) decision Zoho ManageEngine ADSe lfService Plus produced by the Indian company Zoho Corporation. https://exploit.in/2021/14854/ https://t.me/cKure/9314
September 14, 2021 at 12:50AM
■■■■□ Apple fixes iOS zero-day used to deploy NSO iPhone spyware. https://www.bleepingcomputer.com/news/apple/apple-fixes-ios-zero-day-used-to-deploy-nso-iphone-spyware/ https://t.me/cKure/9313
September 14, 2021 at 12:45AM
■■■■■ CVE-2021-30860: Israel 🇮🇱 sponsored Cyber-Crime firm NSO’s Pegasus gets a slap as its exploit (‘ForcedEntry’) is captured, reversed by Citizenlab.ca team and patched by Apple . https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/ https://t.me/cKure/9312
September 14, 2021 at 12:42AM
■■□□□ Introducing CERT Kaiju: Malware Analysis Tools for Ghidra. https://insights.sei.cmu.edu/blog/introducing-cert-kaiju-malware-analysis-tools-for-ghidra/ https://t.me/cKure/9311
September 14, 2021 at 12:40AM
Facebook shields millions of “VIP users” from the company’s standard content moderation practices in a program called “XCheck,” according to internal documents obtained by the WSJ. https://t.me/cKure/9310