Shannon Morse

3 Apple Zero Days Publicly Released; FBI Withholds Ransomware Decryptor Key - ThreatWire (Patreon)

Published:

2021-09-28 15:00:06

Imported:

2022-07

Content

Click for links and more info ⬇️⬇️⬇️

100,000 credentials leaked due to an autodiscover flaw, 3 Apple zero days were published online, and the FBI secretly held a ransomware decryptor key! All that coming up now on ThreatWire.

#threatwire #hak5

Links:

Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins, information security professionals, and consumers.

Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/2XZqx6Coa2Y

Shop ThreatWire Merch Directly! - https://snubsie.com/shop

Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/

Support ThreatWire! https://www.patreon.com/threatwire

Follow Shannon on Social Media: https://snubsie.com/links

Links:

100k windows exchange emails

https://www.bleepingcomputer.com/news/microsoft/microsoft-rushes-to-register-autodiscover-domains-leaking-credentials/

https://www.guardicore.com/labs/autodiscovering-the-great-leak/

https://thehackernews.com/2021/09/microsoft-exchange-bug-exposes-100000.html

https://arstechnica.com/information-technology/2021/09/exchange-outlook-autodiscover-bug-exposed-100000-email-passwords/

https://www.bleepingcomputer.com/news/microsoft/microsoft-rushes-to-register-autodiscover-domains-leaking-credentials/

https://www.blackhat.com/asia-17/briefings/schedule/#all-your-emails-belong-to-us-exploiting-vulnerable-email-clients-via-domain-name-collision-5301

https://github.com/guardicore/labs_campaigns/tree/master/Autodiscover

Apple Stuff:

https://arstechnica.com/information-technology/2021/09/three-ios-0-days-revealed-by-researcher-frustrated-with-apples-bug-bounty/

https://www.bleepingcomputer.com/news/security/researcher-drops-three-ios-zero-days-that-apple-refused-to-fix/

https://habr.com/en/post/579714/

https://www.vice.com/en/article/k78dpx/researcher-publishes-source-code-for-three-unpatched-iphone-exploits

https://habr.com/en/post/580272/

https://www.reddit.com/r/jailbreak/comments/pvaztb/free_release_entitlementfix_workaround_for_the_3/

Ransomware Key

https://arstechnica.com/gadgets/2021/07/kaseya-gets-master-decryptor-to-help-customers-still-suffering-from-revil-attack/

https://arstechnica.com/information-technology/2021/09/ransomware-victims-panicked-while-fbi-secretly-held-revil-decryption-key/

https://www.cnet.com/tech/services-and-software/fbi-reportedly-withheld-ransomware-key-from-business-for-3-weeks-in-failed-sting/

https://twitter.com/BitdefenderLabs/status/1438489191491440646?s=20

https://www.washingtonpost.com/national-security/ransomware-fbi-revil-decryption-key/2021/09/21/4a9417d0-f15f-11eb-a452-4da5fe48582d_story.html

Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Our Site → https://www.hak5.org

Shop → http://hakshop.myshopify.com/

Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1

Support → https://www.patreon.com/threatwire

Threat Wire RSS → https://shannonmorse.podbean.com/feed/

Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

____________________________________________

Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.

Files

3 Apple Zero Days Publicly Released; FBI Withholds Ransomware Decryptor Key - ThreatWire

Click for links and more info ⬇️⬇️⬇️ 100,000 credentials leaked due to an autodiscover flaw, 3 Apple zero days were published online, and the FBI secretly held a ransomware decryptor key! All that coming up now on ThreatWire. #threatwire #hak5 Links: Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins, information security professionals, and consumers. Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/2XZqx6Coa2Y Shop ThreatWire Merch Directly! - https://snubsie.com/shop Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ Support ThreatWire! https://www.patreon.com/threatwire Follow Shannon on Social Media: https://snubsie.com/links Links: Read all the links via the RSS feed: https://shannonmorse.podbean.com/ Due to Youtube’s bots flagging my source links as “hacking”, you can now find all future link databases via the RSS link (down below) and via the the ThreatWire patreon page (each video post for each episode is a public post and you do not have to be a member to view these). Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005: -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop → http://hakshop.myshopify.com/ Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.