Latest News

2020/11/09

Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered

Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild.

Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and run malicious programs with kernel-level privileges.

The zero-days were discovered and reported to Apple by Google's Project Zero security team.
2020/10/27

Containerd Bug Exposes Cloud Account Credentials

A security vulnerability can be exploited to coerce the containerd cloud platform into exposing the host’s registry or users’ cloud-account credentials.

Containerd bills itself as a runtime tool that “manages the complete container lifecycle of its host system, from image transfer and storage to container execution and supervision to low-level storage to network attachments and beyond.” As such, it offers deep visibility into a user’s cloud environment, across multiple vendors.
2020/10/13

Sophisticated Android Ransomware Executes with the Home Button

A fresh variant of a sophisticated Android ransomware known as MalLocker locks up mobile devices – surfacing its ransom note when a user hits the Home button.

According to research from Microsoft, MalLocker is spreading via malicious website downloads (disguised as popular apps, cracked games or video players) and peddled in online forums, as it always has. However, “the new variant caught our attention because it’s an advanced malware with unmistakable malicious characteristic and behavior and yet manages to evade many available protections, registering a low detection rate against security solutions,” Microsoft researchers said, in a Thursday posting.
2020/10/07

Unpatched Apple T2 Chip Flaw Plagues Macs

In case you are using a recent macOS device, you are probably using the embedded T2 security chip which runs bridgeOS and is actually based on watchOS. This is a custom ARM processor designed by Apple based on the A10 CPU found in the iPhone 7. The T2 chip contains a Secure Enclave Processor (SEP), much like the A-series processor in your iPhone will contain a SEP.

While newer Macs and/or Apple Silicon (including the dev kit) will use a more recent A-series processor such as the A12, current Macs still use the A10.

It performs a predefined set of tasks for macOS such as audio processing, handling I/O, functioning as a Hardware Security Module for e.g. Apple KeyChain or 2FA, hardware accelerating media playback, whitelisting kernel extensions, cryptographic operations and ensuring the operating system you are booting is not tampered with. The T2 chip runs its own firmware called bridgeOS, which can be updated when you install a new macOS version. (ever notice the screen flickering? that’s the display driver being interrupted and possibly updated.)
Source: ironpeak.be
2020/10/05

Beware: New Android Spyware Found Posing as Telegram and Threema Apps

A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware.

"Compared to the versions documented in 2017, Android/SpyC23.A has extended spying functionality, including reading notifications from messaging apps, call recording and screen recording, and new stealth features, such as dismissing notifications from built-in Android security apps," cybersecurity firm ESET said in a Wednesday analysis.