Risky Business #638 -- Licensed to Pwn

Presented by

Patrick Gray

CEO and Publisher

Adam Boileau

Technology Editor

On this week’s show Patrick Gray and Adam Boileau discuss recent security news, including:

  • Apple 0day has everyone freaking out
  • So much more 0day in the wild
  • American Project Raven staffers settle with DoJ
  • Two absolutely bonkers Azure security problems
  • SEC tells corporate America to spill on breaches
  • Much, much more

In this week’s sponsor interview, Gigamon’s security product manager Fayyaz Rajpari will be along to talk about some of the work they’ve been doing to integrate their NDR product with CrowdStrike.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Apple iPhone security update points to growing problem of 'zero days'

Apple urges security update after new iMessage flaw disclosed

Apple patches an NSO zero-day flaw affecting all devices | TechCrunch

Shane Huntley on Twitter: "@riskybusiness Let’s not jump to the conclusion that NSO have an endless supply of zero click exploits and there is nothing that can be done. Security nihilism and learned helplessness plays into attackers’ hands. We can make progress here." / Twitter

Warning: Update Chrome Now As Hackers Attack Two Major Vulnerabilities In Google Browser

Microsoft Windows 10 Windows Server Office CVE-2021-40444 0day attack

Microsoft patches Office zero-day in today's Patch Tuesday - The Record by Recorded Future

CISA warns of Zoho server zero-day exploited in the wild - The Record by Recorded Future

“Secret” Agent Exposes Azure Customers To Unauthorized Code Execution | Wiz Blog

Ami Luttwak on Twitter: "@GossiTheDog This is even more severe. The RCE is the simplest RCE you can ever imagine. Simply remove the auth header and you are root. remotely. on all machines. Is this really 2021? https://t.co/iIHNyqgew4" / Twitter

Cross-Account Container Takeover in Azure Container Instances

VMware denies allegations it leaked Confluence RCE exploit | The Daily Swig

US fines former NSA employees who provided hacker-for-hire services to UAE - The Record by Recorded Future

Three Former U.S. Intelligence Community and Military Personnel Agree to Pay More Than $1.68 Million to Resolve Criminal Charges Arising from Their Provision of Hacking-Related Services to a Foreign Government | OPA | Department of Justice

Hacking Team Customer in Turkey Was Arrested for Spying on Police Colleagues [or: The Spy Story That Spun a Tangled Web] - by Kim Zetter - Zero Day

Exclusive: Wide-ranging SolarWinds probe sparks fear in Corporate America | Reuters

Chad Loder on Twitter: "Anonymous has just announced a massive hack of Epik, long known as the hosting provider of choice for neonazis, right-wing extremists, and other Internet trash. Anonymous are releasing a decade's worth of detailed Epik customer & domain data, passwords, emails, and private keys. https://t.co/3rbfonegtq" / Twitter

Anonymous Claims It Hacked Everything From Nazis' Favorite Web Host

Wikimedia bans seven Chinese users citing "security risk" - The Record by Recorded Future

Report: Beijing, Moscow step up efforts to control the Internet’s backbone - The Record by Recorded Future

Australia supplants China to build undersea cable for Solomon Islands | Solomon Islands | The Guardian

Indonesian intelligence agency compromised in suspected Chinese hack - The Record by Recorded Future

OWASP Top 10 ranking has a new leader after ten years - The Record by Recorded Future

Encrypted Phone Firm Ciphr, Used by Criminals, Moves to Cut Off Australia

Technology giant Olympus hit by BlackMatter ransomware | TechCrunch

U.S. Cyber Czar: Too soon to tell if Russia ransomware has stopped - The Record by Recorded Future

'No indication' Russia has cracked down on ransomware gangs, top FBI official says - The Record by Recorded Future

Groove ransomware gang is a motley crew of disgruntled hackers, researchers say

Bail services affected in South Africa after ransomware attack - The Record by Recorded Future

Hackers stole Puma source code, no customer data, company says - The Record by Recorded Future

WhatsApp adds end-to-end encryption to chat backups, locking up data in the cloud

New CPU side-channel attack takes aim at Chrome's Site Isolation feature - The Record by Recorded Future

Fortinet warns customers after hackers leak passwords for 87,000 VPNs - The Record by Recorded Future

New York State vaccine pass shortcomings offer lessons for other coronavirus app developers | The Daily Swig

Thái "thaidn" Dương on Twitter: "Hanoi citizens currently have to apply for a COVID movement pass in order to go outside. Each pass is QR code containing the holder's name and dates they're allowed to go out. The data are signed with RSA, to prevent fake passes. @0xfatty found that it's using 512-bit keys =)" / Twitter

Find a vaccination clinic in New South Wales - COVID-19 Near Me

ken tsang (@jxeeno) / Twitter

Why I decided to build my own vaccine booking search engine instead of using the Government’s one | by Ken Tsang | Sep, 2021 | Medium