An email you haven't even looked at yet could be used to trick Outlook into helping crooks to logon as you.
Category: Zero Day
Latest episode - listen now! (Full transcript inside.)
Everyone update now! Except for those who don't need to! Or who need to but will only get updates later on, though Apple isn't saying yet!
Lastest episode - listen now! (Or read the transcript.)
Don't delay, especially if you're still running an iOS 12 device... please do it today!
The most recent iPhone update—to version 16.1.2—patches a zero-day vulnerability that “may have been actively exploited against versions of iOS released before iOS 15.1.”
News:
Apple said security researchers at Google’s Threat Analysis Group, which investigates nation state-backed spyware, hacking and cyberattacks, discovered and reported the WebKit bug.
WebKit bugs are often exploited when a person visits a malicious domain in their browser (or via the in-app browser). It’s not uncommon for bad actors to find vulnerabilities that target WebKit as a way to break into the device’s operating system and the user’s private data. WebKit bugs can be “chained” to other vulnerabilities to break through multiple layers of a device’s defenses.
Return o' the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Ninth more unto the breach, dear friends, ninth more.
There isn't a rhyme to remind you which months have browser zero-days... you just have to keep your eyes and ears open!
Review your servers, your patches and your authentication policies - there's a proof-of-concept out