home.social

#blastpass — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #blastpass, aggregated by home.social.

  1. Looking for some help, my company might not be able to fully patch CVE-2023-4863 aka BLASTPASS for a few days. Does anyone know a way of detecting exploitation of this through Splunk? Can you see it in web server logs? Next-gen firewall? WAF? I’m not seeing much info online about how to detect the exploitation.

    #libwebp #cve20234863 #blastpass #splunk #siem

  6. Good Morning, story so far on the next log4j level #vulnerability #CVE20234863 #CVE20235129
    #0day #Chrome #iOS

    • libwebp library is vulnerable to heap overflow and can lead to RCE.
    • Apple assigned #CVE202341064 and #CVE202341061. Also actively exploited by #blastpass
    • #Google assigned #CVE20235129 for Chrome 0day and also exploited
    • Millions of apps and software use this library. See list so far in 🧵
    • #CVE20235129 was rejected by NVD earlier due to all this confusion of several vendors assigning CVEs affecting their products
    • This will lead to vulnerability scanners not being able to correctly identify if your assets are affected with libwebp. #infosec #sectoot
  11. Security Alert: Please be sure to update your #Apple #iPhone!

    Last week, while checking the device of an individual employed by a Washington DC-based civil society organization with international offices, #CitizenLab found an actively exploited zero-click vulnerability being used to deliver #NSO Group’s #Pegasus mercenary #spyware.
    #BlastPass #ZeroDay #ZeroClic
    citizenlab.ca/2023/09/blastpas

  12. New actively exploited zero-day vulnerabilities (CVE-2023-41064 and CVE-2023-4106) in iOS have been disclosed by researchers from @[email protected].

    The vulnerabilities are being used by the "BLASTPASS" exploit to deploy NSO Group's Pegasus mercenary spyware. The exploit involves a PassKit attachment that contains malicious images sent from an attacker iMessage account to its victim. The researchers also note that no user interaction is required by the victim for this exploit to work.

    Apple has since released patches for this zero-day vulnerability. Both Apple & Citizen Lab urge iPhone users to update as soon as possible.

    https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/

    Apple security advisory:
    https://support.apple.com/en-us/HT213905

    #infosec #cybersecurity #zeroday #blastpass #citizenlab #nsogroup #pegasus #spyware #iOS #iPhone #iMessage #patchnow