Tuesday, March 2, 2021
Apple

Apple Security Advisory 2021-02-09-1

Apple Security Advisory 2021-02-09-1 - macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 address code execution and out of bounds write vulnerabilities.
Apple

Apple CoreText libType1Scaler.dylib Out-Of-Bounds Write / Integer Overflow

Apple CoreText libType1Scaler.dylib suffers from a heap out-of-bounds-write due to an integer overflow vulnerability in STOREWV othersubr.
Apple

Apple CoreText libFontParser.dylib Stack Corruption

Apple CoreText libFontParser.dylib suffers from a stack corruption vulnerability in the handling of /BlendDesignPositions Type 1 objects.
Apple

Apple CoreText libType1Scaler.dylib Buffer Overflow

Apple CoreText libType1Scaler.dylib suffers from a heap buffer overflow vulnerability in the Counter Control Hints.
Apple

Apple CoreText libType1Scaler.dylib Memory Disclosure

Apple CoreText libType1Scaler.dylib suffers from a memory disclosure vulnerability via an uninitialized transient array.
Apple

Apple Safari Remote Code Execution

Apple Safari is susceptible to a remote code execution vulnerability via an undefined othersubr in Type 1 fonts handled by libType1Scaler.dylib on macOS and iOS.
Apple

Apple Security Advisory 2021-02-01-4

Apple Security Advisory 2021-02-01-4 - watchOS 7.3 addresses bypass, code execution, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Apple

Apple Security Advisory 2021-02-01-3

Apple Security Advisory 2021-02-01-3 - tvOS 14.4 addresses bypass, code execution, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Apple

Apple Security Advisory 2021-02-01-2

Apple Security Advisory 2021-02-01-2 - iOS 14.4 and iPadOS 14.4 addresses buffer overflow, bypass, code execution, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Apple

Apple Security Advisory 2021-02-01-1

Apple Security Advisory 2021-02-01-1 - macOS Big Sur 11.2, Security Update 2021-001 Catalina, and Security Update 2021-001 Mojave address buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds read, out of bounds write, and use-after-free...
Apple

Apple Security Advisory 2021-01-26-4

Apple Security Advisory 2021-01-26-4 - Xcode 12.4 addresses a path handling issue.
Apple

Apple Security Advisory 2021-01-26-3

Apple Security Advisory 2021-01-26-3 - watchOS 7.3 addresses a race condition vulnerability.
Apple

Apple Security Advisory 2021-01-26-2

Apple Security Advisory 2021-01-26-2 - tvOS 14.4 addresses a race condition vulnerability.
Apple

Apple Security Advisory 2021-01-26-1

Apple Security Advisory 2021-01-26-1 - iOS 14.4 and iPadOS 14.4 address race condition and arbitrary code execution vulnerabilities.
Apple

Apple Security Advisory 2020-12-14-4

Apple Security Advisory 2020-12-14-4 - macOS Big Sur 11.0.1 addresses buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, path sanitization, spoofing, and use-after-free vulnerabilities.
SecurityWeek

Dairy Giant Lactalis Targeted by Hackers

France-based dairy giant Lactalis revealed last week that it was targeted by hackers, but claimed that it had found no evidence of a data breach. The company said a malicious third party attempted to breach its computer network, but it...
Graham Cluley

Crypto firm Tether says it won’t pay $24 million ransom after being threatened with document leak

Controversial cryptocurrency developer Tether says it will not give in to extortionists who are demanding a 500 Bitcoin ransom payment (currently worth approximately US $24 million).
Bruce Schneier

Mysterious Macintosh Malware

This is weird: Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload...

What Did I Just Read? A Conversation With the Authors of '2034'

Elliot Ackerman and Admiral James Stavridis discuss their inspirations, personal experiences, and what keeps them up at night.

2034, Part VI: Crossing the Red Line

“Eventually, the Americans would find them. But by then it would be too late.”