Zero-Click iMessage Exploit
September 17 2021Citizen Lab released a report on a zero-click iMessage exploit that is used in NSO Group’s Pegasus spyware.
Apple patched the vulnerability; everyone needs to update their OS immediately.
Recent Posts
Recent Comments
Archives
- January 2025
- December 2024
- November 2024
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- April 2017
- March 2017
- February 2017
- January 2017
- November 2016
- October 2016
- August 2016
- July 2016
- June 2016
- May 2016
- March 2016
- February 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- February 2015
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- October 2011
- June 2011
- February 2011
- October 2010
- September 2010
- August 2010
- July 2010
- August 2009
- November 2008
Categories
- 0-day
- 0day
- 0day exploits
- 1 844 286 1916
- A Little Sunshine
- Aaron Stephens
- adobe acrobat
- adobe reader
- Adrian Mettler
- Advanced Malware
- adversary
- Agari
- airgaps
- alex holden
- Alex Orleans
- Alex Pennino
- Alice Revelli
- Alien Vault
- All About Skimmers
- Alyssa Rahman
- analysis
- Andrew Moore
- Andrew Thompson
- Android
- Android Malware
- APK
- Apple
- Apple Watch
- Apps
- APT
- artificialintelligence
- Ashley Frazer
- Atlanta
- attribution
- authentication
- Backdoor
- Ben Read
- Billy James Velasco
- Bitcoin
- Blaine Stancill
- BleepingComputer
- Blog
- bluetooth
- books
- booter
- Brandan Schondorfer
- Breach
- Brett Hawkins
- browsing data
- Bryce Abdo
- Cameron Sabel
- Camilo Constantino Rivera
- Cardholder Services
- Carlos Garcia Prado
- Casey Erikson
- Cerber
- Charles Hamilton
- Chi-en Shen
- China
- Christopher Gardner
- Christopher Glyer
- Claudiu Teodorescu
- Collection #1
- COM objects
- compliance
- concealment
- Coronavirus
- COVID-19
- covid19
- crime
- Cristiana Brafman-Kittner
- cryptanalysis
- Cryptography
- Curtis Antolik
- CVE-2020-1054
- CVE-2020-1117
- CVE-2020-1126
- CVE-2020-1135
- CVE-2020-1143
- Cyber Crime
- Cyber Espionage
- cyber physical
- Cybercrime
- cybersecurity
- Cybersecurity Challenge
- Dan Caselden
- Dan Perez
- Daniel Kapellmann Zafra
- Daniel Pany
- Daniel Regalado
- Danielle Desfosses
- Data
- data protection
- data science
- data theft
- databases
- David Cox
- David Krisiloff
- David Pany
- DDoS-for-Hire
- ddos-for-hire services
- Detection
- development libraries
- DHS
- Diebold Nixdorf
- Dileep Kumar Jallepalli
- Dimiter Andonov
- Disruptive Malware
- Dll
- DMCA
- DNC
- Docker Desktop for Windows
- Docker Desktop Service
- dogfood
- Douglas Bienstock
- E2E encryption
- e2ee
- eavesdropping
- EDR
- edwardsnowden
- Elaine Dodd
- Emsisoft
- Encase
- Encoding
- end-to-end encryption
- Endpoint
- Endpoint Security
- Engine
- Eoin Jennings
- epidemiology
- espionage
- Evan Pena
- Evan Reese
- Evan Wright
- Expert Views
- Exploit
- Exploit Kits
- Exploits
- Fabian Wosar
- FaceTime
- falsenegatives
- falsepositives
- Farzin Maghsoudi
- FBI
- Federal Government
- Feed
- FIN7
- financial industry
- FireEye
- FireEye Intelligence
- FireEye Mandiant Threat Intelligence
- FireEye Threat Intelligence
- FLARE
- Flash
- Flash Player
- Florian Claudiu Martin
- Florian Tudor
- Forensic Toolkit
- Forensics
- Fred Plan
- FTK
- FUD
- fxsst.dll
- Gabby Roncone
- GandCrab
- GDPR
- Genevieve Stark
- Genwei Jiang
- Geoff Ackerman
- Google Messages
- government
- Grant Oviatt
- Greedy
- hack
- healthcare
- Helena Brito
- hijacks
- historyofcryptography
- Hold Security
- Homepage Carousel
- homepage highlight
- i2Coalition
- Ics
- ICS Security
- IDA
- Ida Pro
- impersonation
- Incident Response
- Indicator of Compromise
- Industrial Control Systems
- INDX
- INDX buffers
- information operations
- Information Security
- information technology
- InfoSec
- Intacash
- Intel 471
- Intelligence
- Intelligent Response
- investigation
- iOS
- iPad
- iPhone
- Iran
- Ivanti
- Jacob Barteaux
- Jacob Thompson
- Jacqueline O’Leary
- jailbreak
- Jake Nicastro
- James T. Bennett
- Janney and Janney
- Jared Semrau
- Jay Gibble
- Jeff Hamm
- Jeffrey Ashcraft
- Jen Weedon
- Jeremy Kennelly
- Jessica Rocchio
- Jimmy Su
- John Hultquist
- Jordan Nuce
- Josh Madeley
- Josh Townsend
- Josh Yoder
- Joshua Homan
- Joshua Shilko
- Josiah Kimble
- Junyuan Zeng
- Jurgen Kutscher
- Kareem Hamdan
- Kathleen Metrick
- Katie Bowen
- Keith Lunden
- Kelli Vanderlee
- Kerberos
- Kevin Townsend's opinions
- Kimberly Goody
- KnownDLLs
- Krober
- Latest Blog Posts
- Latest Warnings
- Law & order
- lawenforcement
- Lawrence Abrams
- lawsuit
- Lebron
- Lee Foster
- Linhai Song
- Linux
- LNK
- Luke McNamara
- M-trends
- Mac
- machine learning
- MagicPairing
- Malware
- Malware Analysis
- malware testing service
- Managed Defense
- Mandiant
- Manish Sardiwal
- Martin Zinaich
- Matt Berninger
- Matt Bromiley
- Matthew Graeber
- Matthew Haigh
- Matthew McWhirt
- medicine
- memory forensics
- messaging
- Metasploit
- Michael Bailey
- Michael Sikorski
- Microsoft
- Microsoft support scam
- Microsoft web server
- Middle East
- Mike Scott
- MIR
- MITRE
- MMS
- Mobile
- Mobile Threats
- money mules
- Mozilla
- Nalani Fraser
- Nathan Brubaker
- Nathan Kirk
- National Crime Agency
- nationalsecuritypolicy
- Ne'er-Do-Well News
- Neal Gay
- Ned Moran
- Netwalker
- News
- News_privacy
- Nhan Huynh
- Niall Errity
- Nick Carr
- Nick Harbour
- Nick Richard
- Nick Schroeder
- Noah Klapprodt
- nsa
- NTFS
- NTFS INDX Buffers
- ntshrui.dll
- OCCRP
- Office 365
- Oklahoma Bankers Association
- Omar Sardar
- open source bugs
- open source tools
- OpenIOC
- operational technology
- operationalsecurity
- Organized Crime and Corruption Reporting Project
- outlook
- P O Box 551617 Jacksonville FL
- Pablo Escobar
- Pandemic Unemployment Assistance
- Parnian Najafi
- password megabreach
- Patch
- patches
- Pathways to Cyber Crime
- patreon
- Patrick Peterson
- Patriot Act
- PDB
- Penetration Testing
- penetrationtesting
- persistence
- Peter Gilbert
- Philip Tully
- Phishing
- play store
- Podcast
- powershell
- Privacy
- privilege escalation
- ProLock ransomware
- promon
- protocol
- python
- ragnar ransomware
- Ransomware
- Rat
- Raymond Leong
- RCS
- RDP
- Rechinu
- Red Team
- Red Teaming
- RedBear
- Redline
- Reform Government Surveillance
- Reforma
- ReliaCard
- reports
- Reverse Engineering
- rEvil
- Rich Communication Services
- Richard Clayton
- Rick Cole
- right to repair
- Rob Caldwell
- Roberto Escobar
- romance scams
- Ruben Boonen
- Russia
- Ryan Warns
- Sajidur Rahman
- Sanaz Yashar
- Sandor Nemes
- Sandra Joyce
- Sanix
- Sanixer
- Sarah Hawley
- Sarah Jones
- Satnam Narang
- scanners
- Scattered Canary
- Scope
- Scott Coull
- Scott Henderson
- Scott Runnels
- Sebastian Vogl
- secret service
- secure coding
- Security
- Security Strategy
- Security threats
- securityengineering
- securitytheater
- Shambavi Sadayappan
- Shellcode
- Sideloading
- SlemBunk
- SleuthKit
- SMS
- Social Engineering
- Social Media
- Social networks
- Sodin
- Sodinokibi
- SophosLabs
- southkorea
- Spam
- Spear Phishing
- Splunk
- squid
- Stephen Davis
- Steve Miller
- StrandHogg 2.0
- stresser
- Stu Reynolds
- Sudeep Singh
- surveillance
- Swapnil Patil
- tactics
- Tara Taubman-Barissian
- Targeted Attacks
- tech support scam
- techniques
- Tenable
- The Coming Storm
- Thoufique Haq
- Threat Intelligence
- Threat Research
- threatmodels
- Time to Patch
- Timothy Parisi
- Tobias Krueger
- Todd Schell
- Toolkit
- tools
- trends
- Trevor Haskell
- Troy Hunt
- TTPs
- Tyler Dean
- U.S. Bank
- U.S. Secret Service
- unc0ver
- Uncategorized
- unemployment insurance fraud
- University of Cambridge Cybercrime Center
- UNKN
- upO
- Van Ta
- Veracode
- Vincent Cannon
- Vivalamuerte
- vulnerabilities
- Vulnerability
- war
- warrantless access
- Web Fraud 2.0
- web history
- Willi Ballenthin
- William Ballenthin
- Win10
- Windows
- Windows 10
- wireless
- Wonk
- Wu Zhou
- Xiaobo Chen
- Yogesh Londhe
- Yong Kang
- Yuri Rozhansky
- Zander Work
- Zero-day
- Zero-day Vulnerability
- Zhaofeng Chen
