Spectre exploit, tons of malware and a lot of updates in one digest

According by the new botnets and ransomware, malware creators are increasingly trying to automate the exploitation of new vulnerabilities (like ProxyLogon or others). And at the same time, Microsoft continues to try to fix / detect / somehow help vulnerable mail Exchange servers. 15 Years Linux Kernel Subsystem Vulnerabilities and Specter vulnerability PoC code - … Continue reading Spectre exploit, tons of malware and a lot of updates in one digest

Weekly Digest not only about Zerologon

Of course, the top news of the week is Zerologon. But what about new IOS updates with fix critical vulnerabilities? What about other news in the world of information security? Vulnerabilities: Cool report with h1, IOS and Bluetooth (again?);Tools: KQL with Microsoft and others;News: The largest Magecart infection, NCSC and IOS;Research: A bit of everything. … Continue reading Weekly Digest not only about Zerologon

Vulners weekly digest #9

Four NO traditional sections in our weekly digest. Enjoy! Vulnerabilities and additional info LPE Windows CVE-2019-0880 Detailed research CVE-2019-0880 without exploit. Zero day? https://byteraptors.github.io/windows/exploitation/2020/05/24/sandboxescape.html According to my tests, this bug seems to be still working against a full-patched Windows 7 system and for this reason I chose not to publish the exploit code. Research story … Continue reading Vulners weekly digest #9

Jailbreak for any IOS devices

Last weekend, a team of information security experts and reverse engineers introduced a new version of the Unc0ver jailbreak (5.0.0). This tool works for almost any iPhone, even with the latest iOS 13.5 on board. Unc0ver authors say it exploits a zero kernel vulnerability in the iOS kernel, which Apple experts are not yet aware … Continue reading Jailbreak for any IOS devices