Saturday, January 11

Tag: cross-site scripting

Nov242024 by adminNo Comments
Apple addresses 2 iPhone, Mac zero-days

Apple addresses 2 iPhone, Mac zero-days

Technology
Two zero-day vulnerabilities revealed in Apple's os might have permitted approximate code execution and cross-site scripting attacks By Alex Scroxton, Security Editor Released: 20 Nov 2024 16:28 Apple has actually dropped a series of software application updates throughout its different line of product as it intends to fend off the effect of 2 recently found zero-days, both of which might have currently been made use of in the wild. The repairs for CVE-2024-44308 and CVE-2024-44309-- both credited to Clément Lecigne and Benoît Sevens of the Google Threat Analysis Group-- impact gadgets running iOS and iPadOS 17.7.2 and 18.1.1, macOS Sequoia 15.1.1, and visionOS 2.1...
Read More
Sep212024 by adminNo Comments
Hackers now utilize AppDomain Injection to drop CobaltStrike beacons

Hackers now utilize AppDomain Injection to drop CobaltStrike beacons

Technology
A wave of attacks that began in July 2024 count on a less typical strategy called AppDomain Manager Injection, which can weaponize any Microsoft.NET application on Windows. The method has actually been around because 2017, and several proof-of-concept apps have actually been launched for many years. It is usually utilized in red group engagements and seldomly observed in harmful attacks, with protectors not actively monitoring it. The Japanese department of NTT has actually tracked attacks that end with releasing a CobaltStrike beacon that targeted federal government companies in Taiwan, the military in the Philippines, and energy companies in Vietnam. Strategies, strategies, and treatments, and infrastructural overlaps with current AhnLab reports and other sources, recommend that the Chi...
Read More