Tag Archive for: 0days

Armed with iOS 0days, hackers indiscriminately infected iPhones for two years

Hackers exploited more than a dozen iOS vulnerabilities—most of them unpatched zerodays—in a two-year campaign that stole photos, emails, log-in credentials, and more from iPhones and iPads, researchers from Google’s Project Zero said.

The attacks were waged from a small collection of hacked websites that used the exploits to indiscriminately attack every iOS device that visited. Attacks against 14 separate vulnerabilities were packaged into five separate exploit chains that gave the attackers the ability to compromise up-to-date devices over a period of more than two years. An analysis of the well-written exploit chains shows they were likely developed contemporaneously with the exploited iOS versions, which spanned from iOS 10.0.1 released in September 2016 to 12.1.2 issued last December.

Real-time monitoring of entire populations

“I shan’t get into a discussion of whether these exploits cost $1 million, $2 million, or $20 million,” Project Zero researcher Ian Beer wrote in a deep-dive post analyzing the exploits and the malware they installed. “I will instead suggest that all of those price tags seem low for the capability to target and monitor the private activities of entire populations in real time.”

Biz & IT – Ars Technica

Mysterious hacker has been selling Windows 0-days to APT groups for three years – ZDNet

Hacker has sold Windows zero-days to the likes of Fancy Bear, FIN groups, and cyber-crime gangs.

A security researcher with a grudge is dropping Web 0days on innocent users

Over the past three weeks, a trio of critical zeroday vulnerabilities in WordPress plugins has exposed 160,000 websites to attacks that allow criminal hackers to redirect unwitting visitors to malicious destinations. A self-proclaimed security provider who publicly disclosed the flaws before patches were available played a key role in the debacle, although delays by plugin developers and site administrators in publishing and installing patches have also contributed.

Over the past week, zeroday vulnerabilities in both the Yuzo Related Posts and Yellow Pencil Visual Theme Customizer WordPress plugins—used by 60,000 and 30,000 websites respectively—have come under attack. Both plugins were removed from the WordPress plugin repository around the time the zeroday posts were published, leaving websites little choice but to remove the plugins. On Friday (three days after the vulnerability was disclosed), Yellow Pencil issued a patch. At the time this post was being reported, Yuzo Related Posts remained closed with no patch available.

In-the-wild exploits against Social Warfare, a plugin used by 70,000 sites, started three weeks ago. Developers for that plugin quickly patched the flaw but not before sites that used it were hacked.

Biz & IT – Ars Technica