exploits – WindowsTechs.com

New iPhone Exploit Uses Four Zero-Days

Posted on January 4, 2024 by Bruce Schneier

Kaspersky researchers are detailing “an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky.” It’s a zero-click exploit that makes use of four iPhone zero-days.

The most intriguing new detail is the targeting of the heretofore-unknown hardware feature, which proved to be pivotal to the Operation Triangulation campaign. A zero-day in the feature allowed the attackers to bypass advanced hardware-based memory protections designed to safeguard device system integrity even after an attacker gained the ability to tamper with memory of the underlying kernel. On most other platforms, once attackers successfully exploit a kernel vulnerability they have full control of the compromised system…

Continue reading New iPhone Exploit Uses Four Zero-Days→

New Windows/Linux Firmware Attack

Posted on December 12, 2023 by Bruce Schneier

Interesting attack based on malicious pre-OS logo images:

LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux….

The vulnerabilities are the subject of a coordinated mass disclosure released Wednesday. The participating companies comprise nearly the entirety of the x64 and ARM CPU ecosystem, starting with UEFI suppliers AMI, Insyde, and Phoenix (sometimes still called IBVs or independent BIOS vendors); device manufacturers such as Lenovo, Dell, and HP; and the makers of the CPUs that go inside the devices, usually Intel, AMD or designers of ARM CPUs……

Continue reading New Windows/Linux Firmware Attack→

Unidentified attackers breach tens of thousands of Cisco devices

Posted on October 18, 2023 by AJ Vicens

Attackers are actively exploiting vulnerable Cisco software to primarily target telecommunications companies, researchers say.

The post Unidentified attackers breach tens of thousands of Cisco devices appeared first on CyberScoop.

Continue reading Unidentified attackers breach tens of thousands of Cisco devices→

Zero-Click Exploit in iPhones

Posted on September 13, 2023 by Bruce Schneier

Make sure you update your iPhones:

Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones.

The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachments containing malicious images.

“We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim,” Citizen Lab …

Continue reading Zero-Click Exploit in iPhones→

Operation Triangulation: Zero-Click iPhone Malware

Posted on June 9, 2023 by Bruce Schneier

Kaspersky is reporting a zero-click iOS exploit in the wild:

Mobile device backups contain a partial copy of the filesystem, including some of the user data and service databases. The timestamps of the files, folders and the database records allow to roughly reconstruct the events happening to the device. The mvt-ios utility produces a sorted timeline of events into a file called “timeline.csv,” similar to a super-timeline used by conventional digital forensic tools.

Using this timeline, we were able to identify specific artifacts that indicate the compromise. This allowed to move the research forward, and to reconstruct the general infection sequence:…

Continue reading Operation Triangulation: Zero-Click iPhone Malware→

Sticking to traditional security playbook is mistake for cloud security: Palo Alto Networks SVP

Posted on May 16, 2023 by Karl Greenberg

Ankur Shah of Palo Alto Networks’ Prisma Cloud security platform says he sees a bright future for AI in security operations, but not so much for DevOps using many tools with little left-to-right integration.
The post Sticking to traditional security pl… Continue reading Sticking to traditional security playbook is mistake for cloud security: Palo Alto Networks SVP→

New Zero-Click Exploits against iOS

Posted on April 20, 2023 by Bruce Schneier

Citizen Lab has identified three zero-click exploits against iOS 15 and 16. These were used by NSO Group’s Pegasus spyware in 2022, and deployed by Mexico against human rights defenders. These vulnerabilities have all been patched.
One interestin… Continue reading New Zero-Click Exploits against iOS→

Zoom Exploit on MacOS

Posted on August 17, 2022 by Bruce Schneier

This vulnerability was reported to Zoom last December:

The exploit works by targeting the installer for the Zoom application, which needs to run with special user permissions in order to install or remove the main Zoom application from a computer. Though the installer requires a user to enter their password on first adding the application to the system, Wardle found that an auto-update function then continually ran in the background with superuser privileges.

When Zoom issued an update, the updater function would install the new package after checking that it had been cryptographically signed by Zoom. But a bug in how the checking method was implemented meant that giving the updater any file with the same name as Zoom’s signing certificate would be enough to pass the test—so an attacker could substitute any kind of malware program and have it be run by the updater with elevated privilege…

Continue reading Zoom Exploit on MacOS→

Zero-day exploits found and disclosed hit a record high in 2021, Google Project Zero says

Posted on April 19, 2022 by AJ Vicens

There were 58 total. The good news: Detection and disclosure of zero-day exploits have increased, the research team says.

The post Zero-day exploits found and disclosed hit a record high in 2021, Google Project Zero says appeared first on CyberScoop.

Continue reading Zero-day exploits found and disclosed hit a record high in 2021, Google Project Zero says→

More on NSO Group and Cytrox: Two Cyberweapons Arms Manufacturers

Posted on December 20, 2021 by Bruce Schneier

Citizen Lab published another report on the spyware used against two Egyptian nationals. One was hacked by NSO Group’s Pegasus spyware. The other was hacked both by Pegasus and by the spyware from another cyberweapons arms manufacturer: Cytrox.

We haven’t heard a lot about Cytrox and its Predator spyware. According to Citzen Lab:

We conducted Internet scanning for Predator spyware servers and found likely Predator customers in Armenia, Egypt, Greece, Indonesia, Madagascar, Oman, Saudi Arabia, and Serbia.

Cytrox was reported to be part of Intellexa…

Continue reading More on NSO Group and Cytrox: Two Cyberweapons Arms Manufacturers→