Volexity

Microsoft has released emergency patches for Exchange

Microsoft has released emergency patches for four 0-day vulnerabilities found in the code of the Exchange mail server (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065). The company warned that Chinese hackers from the Hafnium group are already exploiting these problems. For starting the attack, hackers only need to gain access to the local Microsoft Exchange server on port 443. CVE-2021-26855 – SSRF vulnerability that allowed sending arbitrary HTTP requests and bypassing authentication. CVE-2021-26857 – Unified Messaging deserialization issue. Using this bug gave a hacker the ability to run code with SYSTEM privileges on the Exchange server. For the exploit to work properly, administrator rights or another vulnerability were required. CVE-2021-26858 – An arbitrary file write vulnerability (after authentication with Exchange). CVE-2021-27065 is …

Microsoft has released emergency patches for Exchange Read More »

emergency patches for Exchange

For iOS was discovered a new exploit, with the help of which China traced the Uyghurs

Specialists of the information security company Volexity discovered a new exploit for iOS called Insomnia. According to the researchers, the malware associated with the efforts of the Chinese authorities to trace the Muslim national minority, the Uyghurs, who live mainly in Xinjiang province. esearchers say that Insomnia works against iOS versions 12.3, 12.3.1 and 12.3.2. Moreover, Apple fixed the vulnerability in the heart of the exploit back in July 2019 by releasing iOS 12.4. The exploit was actively used against users in the period from January to March 2020. According to the company, it was downloaded to the devices of users who visited a number of Uyghur sites (in particular akademiye[.]Org). After infection, Insomnia provided root access to infected devices, …

For iOS was discovered a new exploit, with the help of which China traced the Uyghurs Read More »

Discovered new exploit for iOS
Scroll to Top