3 Apple Zero Days Publicly Released; FBI Withholds Ransomware Decryptor Key - ThreatWire (AUDIO ONLY) (Patreon)

Click for links and more info ⬇️⬇️⬇️

100,000 credentials leaked due to an autodiscover flaw, 3 Apple zero days were published online, and the FBI secretly held a ransomware decryptor key! All that coming up now on ThreatWire.

 #threatwire #hak5

Links:

Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins, information security professionals, and consumers.

Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/2XZqx6Coa2Y

Shop ThreatWire Merch Directly! - https://snubsie.com/shop

Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ 

Support ThreatWire!  https://www.patreon.com/threatwire 

Follow Shannon on Social Media: https://snubsie.com/links 

Links:

Links:

100k windows exchange emails

https://www.bleepingcomputer.com/news/microsoft/microsoft-rushes-to-register-autodiscover-domains-leaking-credentials/

https://www.guardicore.com/labs/autodiscovering-the-great-leak/

https://thehackernews.com/2021/09/microsoft-exchange-bug-exposes-100000.html

https://arstechnica.com/information-technology/2021/09/exchange-outlook-autodiscover-bug-exposed-100000-email-passwords/

https://www.bleepingcomputer.com/news/microsoft/microsoft-rushes-to-register-autodiscover-domains-leaking-credentials/

https://www.blackhat.com/asia-17/briefings/schedule/#all-your-emails-belong-to-us-exploiting-vulnerable-email-clients-via-domain-name-collision-5301

https://github.com/guardicore/labs_campaigns/tree/master/Autodiscover

Apple Stuff:

https://arstechnica.com/information-technology/2021/09/three-ios-0-days-revealed-by-researcher-frustrated-with-apples-bug-bounty/

https://www.bleepingcomputer.com/news/security/researcher-drops-three-ios-zero-days-that-apple-refused-to-fix/

https://habr.com/en/post/579714/

https://www.vice.com/en/article/k78dpx/researcher-publishes-source-code-for-three-unpatched-iphone-exploits

https://habr.com/en/post/580272/

https://www.reddit.com/r/jailbreak/comments/pvaztb/free_release_entitlementfix_workaround_for_the_3/

Ransomware Key

https://arstechnica.com/gadgets/2021/07/kaseya-gets-master-decryptor-to-help-customers-still-suffering-from-revil-attack/

https://arstechnica.com/information-technology/2021/09/ransomware-victims-panicked-while-fbi-secretly-held-revil-decryption-key/

https://www.cnet.com/tech/services-and-software/fbi-reportedly-withheld-ransomware-key-from-business-for-3-weeks-in-failed-sting/

https://twitter.com/BitdefenderLabs/status/1438489191491440646?s=20

https://www.washingtonpost.com/national-security/ransomware-fbi-revil-decryption-key/2021/09/21/4a9417d0-f15f-11eb-a452-4da5fe48582d_story.html

Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Our Site → https://www.hak5.org

Shop →  http://hakshop.myshopify.com/

Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1

Support → https://www.patreon.com/threatwire

Contact Us → http://www.twitter.com/hak5

Threat Wire RSS → https://shannonmorse.podbean.com/feed/

Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

____________________________________________

Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.