OS Blog News

DATE

NAME

Info

CATEG.

WEB

21.12.24

Windows Tooling Updates: OleView.NET

This is a short blog post about some recent improvements I've been making to the OleView.NET tool which has been released as part of version 1.16. The tool is designed to discover the attack surface of Windows COM and find security vulnerabilities such as privilege escalation and remote code execution.

OS Blog

Project Zero

21.12.24

Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst

Recently, one of the projects I was involved in had to do with video decoding on Apple platforms, specifically AV1 decoding. On Apple devices that support AV1 video format (starting from Apple A17 iOS / M3 macOS), decoding is done in hardware

OS Blog

Project Zero

2.11.24

Gatekeeper Bypass: Uncovering Weaknesses in a macOS Security Mechanism

Unit 42 researchers have found that certain third-party utilities and applications pertaining to archiving, virtualization and Apple’s native command-line tools do not enforce the quarantine attribute. This can pose a threat to the integrity of a security feature on macOS known as Gatekeeper, which is responsible for ensuring that only trusted software runs on the system. A bypass of Gatekeeper could leave the user unprotected from risky applications that may attempt to execute malicious content.

OS Blog

Palo Alto

2.11.24

macOS Malware Surges as Corporate Usage Grows

As more companies adopt macOS for their corporate needs, attackers are adapting their techniques to get what they want.

OS Blog

Trellix

2.11.24

Why system resilience should mainly be the job of the OS, not just third-party applications

Building efficient recovery options will drive ecosystem resilience.

OS Blog

Eset

14.9.24

Microsoft Security Bulletin Coverage For September 2024

Microsoft’s September 2024 Patch Tuesday has 79 vulnerabilities, of which 30 are Elevation of Privilege. SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of September 2024 and has produced coverage for 9 of the reported vulnerabilities.

OS Blog

SonicWall

31.8.24

Exploring Android threats and ways to mitigate them | Unlocked 403 cybersecurity podcast (ep. 5)

The world of Android threats is quite vast and intriguing. In this episode, Becks and Lukáš demonstrate how easy it is to take over your phone, with some added tips on how to stay secure

OS Blog

Eset

24.8.24

How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

An adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft's applications to gain their entitlements and user-granted permissions.

OS Blog

Cisco Blog

24.8.24

NGate Android malware relays NFC traffic to steal cash

Android malware discovered by ESET Research relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM.

OS Blog

Eset

24.8.24

Be careful what you pwish for – Phishing in PWA applications

ESET analysts dissect a novel phishing method tailored to Android and iOS users.

OS Blog

Eset

17.8.24

Microsoft Security Bulletin Coverage For August 2024

Microsoft’s August 2024 Patch Tuesday has 87 vulnerabilities, 36 of which are Elevation of Privilege vulnerabilities. The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of August 2024 and has produced coverage for ten of the reported vulnerabilities.

OS Blog

SonicWall

17.8.24

Talos discovers 11 vulnerabilities between Microsoft, Adobe software disclosed on Patch Tuesday

Eight of the vulnerabilities affect the license update feature for CLIPSP.SYS, a driver used to implement Client License System Policy on Windows 10 and 11.

OS Blog

Cisco Blog

3.8.24

Out-of-bounds read vulnerability in NVIDIA driver; Open-source flashcard software contains multiple security issues

A binary in Apple macOS could allow an adversary to execute an arbitrary binary that bypasses SIP.

OS Blog

Cisco Blog

27.7.24

Telegram for Android hit by a zero-day exploit – Week in security with Tony Anscombe

Attackers abusing the "EvilVideo" vulnerability could share malicious Android payloads via Telegram channels, groups, and chats, all while making them appear as legitimate multimedia files

OS Blog

Eset

15.6.24

Driving forward in Android drivers

Android's open-source ecosystem has led to an incredible diversity of manufacturers and vendors developing software that runs on a broad variety of hardware. This hardware requires supporting drivers, meaning that many different codebases carry the potential to compromise a significant segment of Android phones.

OS Blog

Project Zero

15.6.24

Arid Viper poisons Android apps with AridSpy

ESET researchers discovered Arid Viper espionage campaigns spreading trojanized apps to Android users in Egypt and Palestine.

OS Blog

Eset

18.5.24

Talos releases new macOS open-source fuzzer

Compared to fuzzing for software vulnerabilities on Linux, where most of the code is open-source, targeting anything on macOS presents a few difficulties.

OS Blog

Cisco Blog

4.2.24

Financial Fraud APK Campaign

During our research discovering threats in legitimate network traffic, activity generated by a certain type of Android Package Kit (APK) files kept hitting our radar. This activity led us to conduct an in-depth investigation on the associated APK files. Our research revealed a family of malicious APKs targeting Chinese users that steals victim information and conducts financial fraud.

OS Blog

Palo Alto

20.1.24

CHECK POINT RESEARCH ALERTS ON A NEW NFT AIRDROP CAMPAIGN

A traffic direction system (TDS) nicknamed Parrot TDS has been publicly reported as active since October 2021. Websites with Parrot TDS have malicious scripts injected into existing JavaScript code hosted on the server. This TDS is easily identifiable by keywords found in the injected JavaScript that we will explore to show the evolution of this threat.

OS Blog

Check Point