Malware & Threats Stealth Techniques Used in ‘Operation Triangulation’ iOS Attack Dissected Kaspersky analyzes the stealth techniques that were used in the ‘Operation Triangulation’ iOS zero-click attacks. Ionut ArghireOctober 24, 2023
Malware & Threats Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal A Mirai botnet variant tracked as IZ1H9 has updated its arsenal with 13 exploits targeting various routers, IP cameras, and other IoT devices. Ionut ArghireOctober 10, 2023
Mobile & Wireless Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits Russian zero-day acquisition firm Operation Zero is now offering $20 million for full Android and iOS exploit chains. Ionut ArghireSeptember 28, 2023
Mobile & Wireless Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks. Eduard KovacsSeptember 25, 2023
Vulnerabilities Over 20,000 Citrix Appliances Vulnerable to New Exploit Over 20,000 appliances are vulnerable to a new exploit technique targeting a recent Citrix ADC zero-day vulnerability CVE-2023-3519. Ionut ArghireJuly 24, 2023
ICS/OT APT Exploit Targeting Rockwell Automation Flaws Threatens Critical Infrastructure Two Rockwell Automation product vulnerabilities have been used for a new exploit by an APT group that could use it to target critical infrastructure. Eduard KovacsJuly 13, 2023
Vulnerabilities PoC Exploit Published for Cisco AnyConnect Secure Vulnerability A security researcher has published proof-of-concept (PoC) exploit code targeting a recent high-severity vulnerability (CVE-2023-20178) in Cisco AnyConnect Secure. Ionut ArghireJune 22, 2023
Cyberwarfare Russia Blames US Intelligence for iOS Zero-Click Attacks Kaspersky said its corporate network has been targeted with a zero-click iOS exploit, just as Russia's FSB said iPhones have been targeted by US... Eduard KovacsJune 1, 2023
Vulnerabilities Apple Ships Urgent iOS Patch for Newly Exploited Zero-Days The newest iOS 16.4.1 and iPadOS 16.4.1 patches a pair of code execution flaws that have already been exploited in the wild. Ryan NaraineApril 7, 2023
Threat Intelligence Most Weaponized Vulnerabilities of 2022 and 5 Key Risks: Report A new research report discusses the five most exploited vulnerabilities of 2022, and the five key risks that security teams should consider. Kevin TownsendMarch 29, 2023
Nation-State Microsoft: No-Interaction Outlook Zero Day Exploited Since Last April Microsoft says it has evidence that Russian APT actors were exploiting a nasty Outlook zero-day as far back as April 2022, upping the stakes... Ryan NaraineMarch 27, 2023
Vulnerabilities Attacks Targeting Realtek SDK Vulnerability Ramping Up Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK. Ionut ArghireJanuary 24, 2023