Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results
Summary: Attackers are exploiting YouTube and Google search results to target individuals seeking pirated software, leading them to malicious downloads that install infostealing malware. Researchers from Trend Micro have identified various tactics used by these threat actors to evade detection and compromise sensitive information.

Threat Actor: Cybercriminals | Victim: Individuals seeking pirated software

Key Point:

Attackers pose as guides on YouTube, providing fake software installation tutorials to lure victims.…
Read More
Critical macOS Sandbox Vulnerability PoC Exploit Released Online
Summary: A proof-of-concept exploit for the critical macOS vulnerability CVE-2024-54498 has been released, enabling malicious applications to escape the macOS Sandbox. This vulnerability poses significant risks, including unauthorized access to sensitive data and system control.

Threat Actor: Malicious actors | Victim: macOS users

Key Point:

The vulnerability CVE-2024-54498 has a CVSS score of 8.8, indicating high severity.…
Read More
This article provides a comprehensive overview of significant cybersecurity incidents and vulnerabilities reported recently, including outages, data breaches, and exploits targeting various platforms. Affected: Proton Mail, Ivanti VPN, Banshee, BayMark Health Services, Medusind, MirrorFace, STIIIZY, Samsung, GFI KerioControl, Mitel MiCollab, CrowdStrike, Akamai, Casio.

Key Points:

Proton Mail experienced a worldwide outage due to a surge in database connections during infrastructure migration.…
Read More
RST TI Report Digest: January 13, 2025
This week’s threat intelligence report from RST Cloud highlights significant cyber threats from various actors, including the Chinese state-sponsored group RedDelta targeting Mongolia, Taiwan, and Southeast Asia, as well as the emergence of new malware like Banshee and the Gayfemboy botnet. The report summarizes key findings from 29 threat intelligence reports, detailing tactics, techniques, and procedures (TTPs) used in these attacks, and includes numerous indicators of compromise (IoCs).…
Read More

Summary: The video discusses serious security breaches and privacy concerns within major tech platforms and services. Key topics include a hacking incident involving Gravy Analytics, Telegram’s increased user data disclosures, and Apple’s near admission of Siri recording private conversations for targeted advertising.

Key Points:

Hackers breached Gravy Analytics, a location data broker selling user coordinates to various third parties.…
Read More
Phishing texts trick Apple iMessage users into disabling protection
Summary: Cybercriminals are exploiting a vulnerability in Apple iMessage’s phishing protection by tricking users into replying to smishing messages, which re-enables links that were initially disabled. This tactic poses a significant threat as it targets users who may not recognize phishing attempts, particularly older individuals.

Threat Actor: Cybercriminals | Victim: Mobile users

Key Point:

Attackers send smishing texts that appear legitimate, prompting users to reply to enable links.…
Read More
Russia Carves Out Commercial Surveillance Success Globally
Summary: Several governments in Central Asia and Latin America have acquired Russian wiretapping technology, enhancing their surveillance capabilities and potentially enabling Russian intelligence access to intercepted communications. This development raises concerns about civil liberties and the risks faced by individuals in these regions.

Threat Actor: Russian Intelligence | Victim: Citizens of Belarus, Kazakhstan, Kyrgyzstan, Uzbekistan, Cuba, and Nicaragua

Key Point:

Acquisition of SORM technology by multiple governments enhances their ability to wiretap citizens.…
Read More

Summary: The video discusses the exciting advancements in AI technology showcased at the Consumer Electronics Show (CES), particularly focusing on NVIDIA’s new DIGITS supercomputer, developer use of AI tools, Apple’s AI features, and reflections on ChatGPT’s development.

Key Points:

The guests, including Shobhit Varshney, Skyler Speakman, and Volkmar Uhlig, express excitement about NVIDIA’s DIGITS, a desktop supercomputer capable of running large AI models locally.…
Read More
Banshee macOS Malware Expands Targeting
Summary: The Banshee macOS information stealer has been updated to target systems using the Russian language, expanding its reach, according to cybersecurity firm Check Point. Initially launched in mid-2024, the malware continues to pose threats despite the leak of its source code.

Threat Actor: Russian Developers | Victim: macOS Users

Key Point:

Banshee can collect sensitive data including passwords, system information, and cryptocurrency wallet details.…
Read More
The Feed 2025-01-10
Check Point Research has identified a new version of the Banshee macOS stealer malware, which has been evading detection since September 2024. The malware targets macOS users, stealing sensitive information and utilizing an encryption algorithm similar to Apple’s XProtect. Despite the shutdown of its original operations after a code leak, Banshee continues to be distributed through phishing websites and malicious GitHub repositories.…
Read More
Banshee stealer evades detection using Apple XProtect encryption algo
Summary: A new variant of the Banshee info-stealing malware for macOS has been evading detection by utilizing string encryption techniques similar to those used by Apple’s XProtect. This malware, which targets sensitive data from macOS users, has continued to spread through deceptive methods despite the original operation being shut down after its source code was leaked.…
Read More
Apple says it does not use Siri audio for advertising
Summary: Apple has reiterated its commitment to user privacy, stating that it does not use Siri audio for marketing or advertising purposes. This clarification follows a $95 million settlement related to allegations of Siri audio being shared with third parties for targeted advertising.

Threat Actor: N/A | Victim: iPhone owners

Key Point:

Apple confirms that Siri data has never been used for marketing profiles or advertising.…
Read More
New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption
Summary: A new variant of the macOS-focused Banshee Stealer malware has emerged, utilizing advanced encryption techniques to evade detection and posing a significant threat to macOS users worldwide. This iteration, which has been detected since late September 2024, is distributed through phishing websites and fake software repositories.…
Read More
GFI KerioControl Firewall Vulnerability Exploited in the Wild
Summary: Threat actors are exploiting a recently disclosed vulnerability in GFI KerioControl firewalls, allowing for one-click remote code execution (RCE) via HTTP response splitting attacks. This flaw, tracked as CVE-2024-52875, has been deemed high severity due to its potential impact on network security.

Threat Actor: Unknown | Victim: GFI KerioControl users

Key Point:

The vulnerability allows attackers to perform HTTP response splitting, leading to reflected cross-site scripting (XSS) and RCE.…
Read More
The Feed 2025-01-09
This article explores various cyber threats, including voice phishing by the “Crypto Chameleon” group, exploitation of vulnerabilities in Kerio Control and Ivanti Connect Secure VPN, and North Korean hackers targeting cryptocurrency wallets through fake job interviews. The rise of ransomware among state-sponsored APT groups is also highlighted, indicating a troubling trend in modern cyber threats.…
Read More
Multiple vulnerabilities in Ivanti products could lead to remote code execution. The most critical vulnerability affects Ivanti Connect Secure, with active exploitation reported. Affected: Ivanti Connect Secure, Ivanti Policy Secure, Ivanti Neurons for ZTA gateways

Key Points:

Multiple vulnerabilities have been discovered in Ivanti products; the most severe allows remote code execution.…
Read More
Washington Attorney General Sues T-Mobile Over 2021 Data Breach
Summary: Washington State Attorney General Bob Ferguson has filed a lawsuit against T-Mobile over a significant data breach in 2021 that compromised the personal information of millions. The lawsuit claims T-Mobile failed to implement adequate security measures and misled customers about the breach’s severity.

Threat Actor: John Binns | Victim: T-Mobile

Key Point:

The 2021 breach affected over 76.6 million individuals, including more than 2 million Washington residents.…
Read More

The video discusses a new vulnerability that was revealed in the Common Unix Printing System (CUPS), particularly affecting network printers on Linux systems. Alex Lyn joins Darren Kitchen to explore this remote code execution (RCE) exploit and demonstrate some of its implications, including how malicious printers can potentially compromise systems on the same network.…
Read More