Found 5 bookmarks
Custom sorting
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the Citizen Lab said, attributing the attack with high confidence to the Egyptian government owing to it being a known customer of the commercial spying tool.
#thehackernews#EN#2023#0-day#0-days#Predator#Egypt#Apple#CitizenLab#CVE-2023-41991#CVE-2023-41992#CVE-2023-41993
·thehackernews.com·
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day
Whenever there’s a new in-the-wild 0-day disclosed, I’m very interested in understanding the root cause of the bug. This allows us to then understand if it was fully fixed, look for variants, and brainstorm new mitigations. This blog is the story of a “zombie” Safari 0-day and how it came back from the dead to be disclosed as exploited in-the-wild in 2022. CVE-2022-22620 was initially fixed in 2013, reintroduced in 2016, and then disclosed as exploited in-the-wild in 2022. If you’re interested in the full root cause analysis for CVE-2022-22620, we’ve published it here.
#googleprojectzero#EN#2022#0-day#Safari#CVE-2022-22620#Apple
·googleprojectzero.blogspot.com·
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day
Whenever there’s a new in-the-wild 0-day disclosed, I’m very interested in understanding the root cause of the bug. This allows us to then understand if it was fully fixed, look for variants, and brainstorm new mitigations. This blog is the story of a “zombie” Safari 0-day and how it came back from the dead to be disclosed as exploited in-the-wild in 2022. CVE-2022-22620 was initially fixed in 2013, reintroduced in 2016, and then disclosed as exploited in-the-wild in 2022. If you’re interested in the full root cause analysis for CVE-2022-22620, we’ve published it here.
#googleprojectzero#EN#2022#0-day#Safari#CVE-2022-22620#Apple
·googleprojectzero.blogspot.com·
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day
Whenever there’s a new in-the-wild 0-day disclosed, I’m very interested in understanding the root cause of the bug. This allows us to then understand if it was fully fixed, look for variants, and brainstorm new mitigations. This blog is the story of a “zombie” Safari 0-day and how it came back from the dead to be disclosed as exploited in-the-wild in 2022. CVE-2022-22620 was initially fixed in 2013, reintroduced in 2016, and then disclosed as exploited in-the-wild in 2022. If you’re interested in the full root cause analysis for CVE-2022-22620, we’ve published it here.
#googleprojectzero#EN#2022#0-day#Safari#CVE-2022-22620#Apple
·googleprojectzero.blogspot.com·
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day