Exploit Archives - IT LinesIT Lines

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]

25 Nov, 2021 Cookies, data breach, Exchange, Exploit, GoDaddy, Naked Security Podcast, Passwords, podcast, Security News, Vulnerability 0 Comments 0

Latest episode – listen now! Solid cybersecurity advice in plain English.

S3 Ep52: Let’s Encrypt, Outlook leak, and VMware exploit [Podcast]

30 Sep, 2021 Apple, Cryptography, Exploit, iPhone, Lets Encrypt, Naked Security Podcast, podcast, Security News, TLS, vmware, zero day 0 Comments 0

Latest episode – listen now!

iOS 15 includes Face ID fix for security bypass using fake heads

21 Sep, 2021 Apple, Exploit, FORCEDENTRY, iOS, iOS 15, OS-X, patch, Security News, Vulnerability 0 Comments 0

Fake heads! (Cue dystopian scifi music.)

OMIGOD, an exploitable hole in Microsoft open source code!

16 Sep, 2021 CVE-2021-38647, Exploit, Linux, Microsoft, OMI, OMIGOD, RCE, Security News, Vulnerability, Wiz, WMI 0 Comments 0

Got Linux? Here’s a bug you weren’t expecting, in software you might not know you have.

Apple products vulnerable to FORCEDENTRY zero-day attack – patch now!

14 Sep, 2021 Apple, CVE-2021-30560, CVE-2021-30858, Exploit, Hacking, iOS, NSO, OS-X, Security News, zero day 0 Comments 0

Double trouble: two zero-days, patched in the same emergency update. So please don’t delay – patch today!

Microsoft researcher found Apple 0-day in March, didn’t report it

29 Jul, 2021 Apple, disclosure, Exploit, Microsoft, Security News, Vulnerability 0 Comments 0

by Paul Ducklin Yesterday, we wrote about a vaguely mysterious zero-day patch pushed out by Apple. Like almost all Apple security fixes, the update arrived without any sort of warning, but unlike most Apple updates, only a single bug was listed on the “fix list,” and even by Apple’s brisk . . . Read more

Apple emergency zero-day fix for iPhones and Macs – get it now!

27 Jul, 2021 Apple, CVE-2021-30807, Exploit, iOS, iPad, iPhone, Mac, OS-X, Security News, Vulnerability, zero day 0 Comments 0

by Paul Ducklin You might be forgiven for thinking that July 2021 was Microsoft’s month for cybersecurity vulnerabilities. First there was PrintNightmare in several guises, followed by HiveNightmare (an entirely unrelated bug that nevertheless attracted the “Nightmare” moniker), followed by PetitPotam (which went down the cute aquatic mammal naming path). . . . Read more

Apple iPhone patches are out – no news if recent Wi-Fi bug is fixed

20 Jul, 2021 Apple, Exploit, iOS, iPhone, Security News, Vulnerability 0 Comments 0

by Paul Ducklin It’s already nearly two months since Apple’s last security update to iOS 14, which was back on 2021-05-24 when iOS 14.6 appeared. So we weren’t surprised to see that another patch is out, officially listed [2021-07-19] as covering iOS (now on 14.7), tvOS (now also 14.7) and . . . Read more

The Code Red worm 20 years on – what have we learned?

15 Jul, 2021 Code Red, Exploit, IIS, Malware, Security News, virus, Vulnerability, worm 0 Comments 0

by Paul Ducklin There’s a famous and very catchy song that starts, “It was 20 years ago today…” In the song, of course, Sergeant Pepper was busily teaching his band to play – a band, as the song assures us, that was guaranteed to raise a smile. But can you . . . Read more

Dell fixes exploitable holes its own firmware update driver – patch now!

05 May, 2021 CVE-2021-21551, Dell, Exploit, kernel driver, Security News, Vulnerability 0 Comments 0

by Paul Ducklin Researchers at SentinelLabs say that they found various exploitable bugs in one of Dell’s Windows kernel drivers, which they reported back in December 2020. There were five related bugs, now collectively dubbed CVE-2021-21551. Dell has now issued a patch for these vulnerabilities (the official update is dated . . . Read more

What's Your IT Question?

All posts in Exploit