Explore >> Select a destination
|
You are here 
|
objective-see.com | ||
| | | | |
www.welivesecurity.com
|
|
| | | | | The website of a Hong Kong pro-democracy radio station was compromised to serve a Safari exploit that installed cyberespionage malware on visitors' Macs. | |
| | | | |
bradleyjkemp.dev
|
|
| | | | | LaunchDaemon (or LaunchAgent) Hijacking is a MacOS privilege escalation and persistence technique. It involves abusing insecure file/folder permissions to replace legitimately installed, misconfigured LaunchDaemons with malicious code. I first spotted this issue affecting the OSQuery installer but went looking and found multiple other products with the same problem. This isn't a novel technique (it's briefly mentioned in T1543.004) but I was surprised to find it so rarely talked about. Example - Hijacking the OSQuery LaunchDaemon ?? I've already disclosed this issue to the OSQuery team and they kindly let me use it as an example in this post. | |
| | | | |
blog.google
|
|
| | | | | To protect our users, TAG routinely hunts for 0-day vulnerabilities exploited in-the-wild. In late August 2021, TAG discovered watering hole attacks targeting visitors to Hong Kong websites for a media outlet and a prominent pro-democracy labor and political group. The watering hole served an XNU privilege escalation vulnerability (CVE-2021-30869) unpatched in macOS Catalina, which led to the installation of a previously unreported backdoor.As is our policy, we quickly reported this 0-day to the vendor (... | |
| | | | |
bitcoincore.org
|
|
| | | CVE-2015-20111 - Remote code execution due to bug in miniupnpc | ||
