Google and Apple roll out emergency security updates after zero-day attacks
Emergency updates for Apple devices
Today Apple released emergency updates that users should install as quickly as possible, because the fixed zero-days are already being attacked in the wild:
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia
@HonkHase 1/2 I completely agree with you. #Hackbacks are always a dumb idea. They make the internet less secure and give states a pretext to attack themselves. #ZeroDays are secret security vulnerabilities (#Sicherheitslücken). When governments hoard or buy them instead of reporting them, everyone and every company remains at risk.
An Italian vendor of commercial spyware, Memento Labs (a successor to the once-notorious Hacking Team), is reportedly suspected of supplying malware for the exploitation of a Chrome zero-day (CVE-2025-2783) as part of Operation ForumTroll. Kaspersky's analysis reportedly shows that the previously unknown malware "Dante" has been active since at least 2022 and has used the Chrome vulnerability to break into high-profile targets in Russia and Belarus. The attackers used a bug in Chrome's Mojo IPC system to escape the sandbox and install persistent loaders via COM hijacking.
The incident reportedly once again shines a spotlight on the role of commercial spyware vendors, who increasingly use zero-days to supply governments and agencies worldwide with surveillance software.
"Dante" was meant to attack in Russia and Belarus. That won't really bother anyone in Western Europe right now. But: withholding zero-days, regardless of which side does it, makes systems insecure. That is why it is all the more important to install software updates for known zero-days promptly.
https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/
U.S. government accuses former L3Harris cyber boss of stealing trade secrets
Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/
#Infosec #Security #Cybersecurity #CeptBiro #Pwn2Own #Exploit #ZeroDays
Apple alerts exploit developer that his iPhone was targeted with government spyware
The Register: Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack. “Spooky season is in full swing, and this extends to Microsoft’s October Patch Tuesday with security updates for a frightful 175 Microsoft vulnerabilities, plus an additional 21 non-Microsoft CVEs. And even scarier than the sheer number of bugs: three are listed as under attack, with three […]
Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws
https://www.bleepingcomputer.com/news/microsoft/microsoft-october-2025-patch-tuesday-fixes-6-zero-days-172-flaws/
#Infosec #Security #Cybersecurity #CeptBiro #Microsoft #PatchTuesday #ZeroDays
Threat actors continue to exploit #vulnerabilities in #security appliances, such as #firewalls and #VPN concentrators, to gain initial access. Not only #zerodays disclosed in 2025, but also old vulnerabilities remediated years ago, but left unpatched
https://www.hackmageddon.com/2025/10/07/cves-targeting-remote-access-technologies-in-2025/
"Google Threat Intelligence Group (GTIG) is tracking BRICKSTORM malware activity, which is being used to maintain persistent access to victim organizations in the United States. Since March 2025, Mandiant Consulting has responded to intrusions across a range of industry verticals, most notably legal services, Software as a Service (SaaS) providers, Business Process Outsourcers (BPOs), and Technology. The value of these targets extends beyond typical espionage missions, potentially providing data to feed development of zero-days and establishing pivot points for broader access to downstream victims.
We attribute this activity to UNC5221 and closely related, suspected China-nexus threat clusters that employ sophisticated capabilities, including the exploitation of zero-day vulnerabilities targeting network appliances. While UNC5221 has been used synonymously with the actor publicly reported as Silk Typhoon, GTIG does not currently consider the two clusters to be the same.
These intrusions are conducted with a particular focus on maintaining long-term stealthy access by deploying backdoors on appliances that do not support traditional endpoint detection and response (EDR) tools. The actor employs methods for lateral movement and data theft that generate minimal to no security telemetry. This, coupled with modifications to the BRICKSTORM backdoor, has enabled them to remain undetected in victim environments for 393 days, on average. Mandiant strongly encourages organizations to reevaluate their threat model for appliances and conduct hunt exercises for this highly evasive actor. We are sharing an updated threat actor lifecycle for BRICKSTORM associated intrusions, along with specific and actionable steps organizations should take to hunt for and protect themselves from this activity."
https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign?e=48754805
#CyberSecurity #China #Surveillance #Brickstorm #Malware #USA #ZeroDays
Researchers unveil A2, an AI agent that mimics human bug hunters—finding 100+ zero-days in Android apps. Automation just got sharper. 🤖📱 #ZeroDays #AIBugHunting
https://www.theregister.com/2025/09/04/boffins_build_automated_android_bug_hunting/
"Apple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has come under active exploitation in the wild.
The zero-day out-of-bounds write vulnerability, tracked as CVE-2025-43300, resides in the ImageIO framework that could result in memory corruption when processing a malicious image.
"Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals," the company said in an advisory.
The iPhone maker said the bug was internally discovered and that it was addressed with improved bounds checking. The following versions address the security defect -"
https://thehackernews.com/2025/08/apple-patches-cve-2025-43300-zero-day.html
Content warning: thriller, suspense
Good morning! Today I'd like to recommend "Zero Days" by Ruth Ware. A gripping thriller centered on Jack and Gabe, a married couple and experts in security systems. Their talent is put to the test when Jack is suddenly arrested and their orderly life is thrown into chaos. A must for fans of suspense and thrills! #ZeroDays #RuthWare #Thriller #Spannung
Link to the episode: https://spoo.me/DKTFolge231
Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch
https://www.securityweek.com/microsoft-says-chinese-apts-exploited-toolshell-zero-days-weeks-before-patch/
#Infosec #Security #Cybersecurity #CeptBiro #Microsoft #ChineseAPTs #ToolShell #ZeroDays
@heiseonline Although these surveillance measures are supposed to be used only in a targeted way, they harm us all, in Germany and in other countries too. Because for the Bundestrojaner (state trojan) to work when needed, security vulnerabilities have to be kept open (#zeroday) or smuggled in (#backdoor).
This makes the entire global IT infrastructure less secure: criminals and hostile intelligence services can use these backdoors just as well as one's own intelligence services can.
It would be nice if Heise explained these connections in the article.
#Bundestrojaner #Staatstrojaner #Govware #Malware #zerodays #Hintertür
The Register: Google quietly pushes emergency fix for Chrome 0-day as exploit runs wild. “Google Threat Analysis Group (TAG) team members Clement Lecigne and Benoît Sevens spotted the high-severity bug, tracked as CVE-2025-5419, on May 27. It’s an out-of-bounds read and write vulnerability in Chrome’s V8 JavaScript engine that could allow a remote attacker to corrupt memory and potentially […]