Zero Day – Page 21 – WindowsTechs.com

Apple patches against alleged NSO Group zero-click exploit used on activists

Posted on September 13, 2021 by Tonya Riley

Apple released a patch Monday against two security vulnerabilities, one of which the Israeli surveillance company NSO Group has exploited, according to researchers. The updated iOS software patches against a zero-click exploit that uses iMessage to launch malicious code, which in turn allows NSO Group clients to infiltrate targets — including the phone of a Saudi activist in March, researchers at Citizen Lab said. The exploit uses a manipulated gif to crash Apple’s image rendering library. It then launches spyware that researchers say shares distinct features with NSO Group’s Pegasus spyware. Researchers have named the exploit “FORCEDENTRY.” Zero-click exploits prove especially dangerous because they don’t require users to open the malicious message or link for hackers to gain access to your phone. Researchers are urging Apple Mac, iPhone and Apple Watch users to immediately update their iOS software. The NSO Group exploit was a zero-day, or previously unknown, vulnerability. It’s […]

The post Apple patches against alleged NSO Group zero-click exploit used on activists appeared first on CyberScoop.

Continue reading Apple patches against alleged NSO Group zero-click exploit used on activists→

Interesting Privilege Escalation Vulnerability

Posted on August 26, 2021 by Bruce Schneier

If you plug a Razer peripheral (mouse or keyboard, I think) into a Windows 10 or 11 machine, you can use a vulnerability in the Razer Synapse software — which automatically downloads — to gain SYSTEM privileges.
It should be noted that this… Continue reading Interesting Privilege Escalation Vulnerability→

Paragon: Yet Another Cyberweapons Arms Manufacturer

Posted on August 3, 2021 by Bruce Schneier

Forbes has the story:

Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to remotely break into encrypted instant messaging communications, whether that’s WhatsApp, Signal, Facebook Messenger or Gmail, the industry sources said. One other spyware industry executive said it also promises to get longer-lasting access to a device, even when it’s rebooted.

[…]

Two industry sources said they believed Paragon was trying to set itself apart further by promising to get access to the instant messaging applications on a device, rather than taking complete control of everything on a phone. One of the sources said they understood that Paragon’s spyware exploits the protocols of end-to-end encrypted apps, meaning it would hack into messages via vulnerabilities in the core ways in which the software operates…

Continue reading Paragon: Yet Another Cyberweapons Arms Manufacturer→

Reboot Your Smartphone, FBI’s Top Targeted Vulnerabilities, Flirty Account Dupes Defense Contractors

Posted on August 2, 2021 by Tom Eston

Why rebooting your smartphone is good security hygiene, the FBI reveals top targeted vulnerabilities in the last two years, and details on how a nation state used a “flirty” aerobics instructor to steal data from defense contractors. ** Links mentioned… Continue reading Reboot Your Smartphone, FBI’s Top Targeted Vulnerabilities, Flirty Account Dupes Defense Contractors→

Apple patches zero-day flaw that hackers may have exploited

Posted on July 27, 2021 by Tim Starks

Apple has released updates for its mobile, iPad and computer operating systems, fixing a zero-day flaw that appears to be the subject of active exploitation. The patch comes mere days after another update that tackled 40 vulnerabilities. The latest software update comes in the wake of reports that the Israeli spyware firm NSO Group had developed a hacking tool that helps its customers remotely compromise iOS systems. Whether the patch address those technical issues was not immediately clear. Apple did not immediately respond to a request for comment. The prior Apple update did not address the NSO Group exploits. The iOS 14.7.1, iPadOS 14.7.1 and Big Sur 11.5.1 patch notes are likewise mum, other than to say that an anonymous researcher brought the vulnerability to Apple’s attention. The issue involved improper access to kernel mode, which a hacker could have abused to access the underlying hardware on a device, and […]

The post Apple patches zero-day flaw that hackers may have exploited appeared first on CyberScoop.

Continue reading Apple patches zero-day flaw that hackers may have exploited→

Apple emergency zero-day fix for iPhones and Macs – get it now!

Posted on July 27, 2021 by Paul Ducklin

You’re probably expecting us to say, “Patch early, patch often.” And that is EXACTLY what we’re saying! Continue reading Apple emergency zero-day fix for iPhones and Macs – get it now!→

Are updated iOS devices vulnerable to NSO Pegasus?

Posted on July 19, 2021 by hobs

The Trident memory zero-day, zero-click vulnerabilities (exploits critical to NSO Pegasus success) were supposedly patched on iOS by Apple:

CVE-2016-4657
CVE-2016-4655
CVE-2016-4656

Android phones are presumably still vulnerable. And sin… Continue reading Are updated iOS devices vulnerable to NSO Pegasus?→

China Taking Control of Zero-Day Exploits

Posted on July 14, 2021 by Bruce Schneier

China is making sure that all newly discovered zero-day exploits are disclosed to the government.

Under the new rules, anyone in China who finds a vulnerability must tell the government, which will decide what repairs to make. No information can be given to “overseas organizations or individuals” other than the product’s manufacturer.

No one may “collect, sell or publish information on network product security vulnerabilities,” say the rules issued by the Cyberspace Administration of China and the police and industry ministries.

This just blocks the cyber-arms trade. It doesn’t prevent researchers from telling the products’ companies, even if they are outside of China…

Continue reading China Taking Control of Zero-Day Exploits→

SolarWinds says hackers used a zero-day flaw for ‘targeted attacks’ in a new breach

Posted on July 12, 2021 by Jeff Stone

The federal contractor at the heart of a cyber-espionage campaign that caused months of consternation throughout the U.S. government says hackers have struck again. SolarWinds says an attacker leveraged a software vulnerability in a company product to carry out “limited, targeted attacks.” The unknown hacker used a zero-day flaw in SolarWinds’ Serv-U Managed File Transfer and Serv-U Secure FTP, which are used to transmit data, to target an unknown number of the firm’s customers. Such access would have allowed hackers to install programs; view, manipulate or delete data; or run their own software on an affected system, SolarWinds said in an advisory. “Microsoft has provided evidence of limited, targeted customer impact, though SolarWinds does not currently have an estimate of how many customers may be directly affected by the vulnerability,” the company statement added. “SolarWinds is unaware of the identity of the potentially affected customers.” The breach appears to be […]

The post SolarWinds says hackers used a zero-day flaw for ‘targeted attacks’ in a new breach appeared first on CyberScoop.

Continue reading SolarWinds says hackers used a zero-day flaw for ‘targeted attacks’ in a new breach→

Kaseya Ransomware Attack, PrintNightmare Zero-day, Kaspersky Password Manager Vulnerability

Posted on July 12, 2021 by Tom Eston

Details on the Kaseya supply-chain and REvil ransomware attack, a new zero-day exploit called “PrintNightmare” affects all Windows versions before June, and how randomly generated passwords in a popular password manager were not so random. ** Links men… Continue reading Kaseya Ransomware Attack, PrintNightmare Zero-day, Kaspersky Password Manager Vulnerability→