You might be interested in …

[TheRecord] Apple fixes AWDL bug that could be used to escape air-gapped networks

Apple has fixed a vulnerability in its Apple Wireless Direct Link (AWDL) technology that could have been abused by threat actors to escape and steal data from air-gapped networks. Silently patched earlier this spring, in April — with the release of iOS 14.5, iPadOS 14.5, watchOS 7.4, and Big Sur 11.3 — the vulnerability was publicly disclosed […]

Read More

[SANS ISC] “Stolen Images Evidence” campaign pushes Sliver-based malware, (Thu, Oct 21st)

All posts, Sans-ISC

Introduction On Wednesday 2021-10-20, Proofpoint reported the TA551 (Shathak) campaign started pushing malware based on Sliver.  Sliver is a framework used by red teams for adversary simluation and penetration testing.  I’ve already posted my findings on TA551’s Sliver activity from 2021-10-20. That same day, Sliver-based malware was also being pushed by the “Stolen Images Evidence” […]

Read More

[SecurityWeek] VMware Patches Privilege Escalation Vulnerability in Tools for Windows

All posts, Security Week

A high-severity vulnerability that VMware patched this week in VMware Tools for Windows could be exploited to execute arbitrary code with elevated privileges. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.