DISC InfoSec blog

Google TAG researchers discovered that threat actors leveraged a zero-day vulnerability in macOS in a watering hole campaign aimed at delivering malware to users in Hong Kong. The attackers exploited a XNU privilege escalation vulnerability (CVE-2021-30869) unpatched in macOS Catalina The watering hole campaign targeted websites of a media outlet and important pro-democracy labor and political […]

Countdown to #ZeroDay: #Stuxnet and the Launch of the World’s First #DigitalWeapon

What’s the craic? Aunty Beeb’s anonymous scribblers sit back and wonder why—“Iran says key Natanz nuclear facility hit by sabotage”:  The country’s top nuclear official … Ali Akbar Salehi, did not say who was to blame for the “terrorist act”, which caused a power failure … a day after it unveiled new uranium enrichment equipment. … Israeli public media, however, […]

Google’s Project Zero discovered, and caused to be patched, eleven zero-day exploits against Chrome, Safari, Microsoft Windows, and iOS. This seems to have been exploited by “Western government operatives actively conducting a counterterrorism operation”: The exploits, which went back to early 2020 and used never-before-seen techniques, were “watering hole” attacks that used infected websites to deliver malware to visitors. […]

Stuxnet Malware Analysis By Amr Thabet Stuxnet videos library History of Stuxnet – Previous articles | DISC InfoSec blog What is Stuxnet, who created it and how does it work? | CSO Online GitHub – micrictor/stuxnet: Open-source decompile of Stuxnet/myRTUs Stuxnet Source Code Released Online – Download Now Stuxnet Family Tree Grows  Subscribe in a […]