all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Latest Exploit (BLASTPASS) in the Ongoing NSOZero-Click/Zero-Day Exploitation Campaign

Add to bookmarks
Dec. 15, 2023, 10:37 p.m. | SANS Offensive Operations

SANS Offensive Operations www.youtube.com

In this session, SANS Senior Instructor Christopher Crowley discusses the recent BLASTPASS exploit chain for (CVE-2023-41064 and CVE-2023-41061) attributed to NSO by CitizenLab (CA), targeting the PassKit iOS component intended for the distribution of passes (coupons and tickets).

This complex and effective exploit was discovered in the wild and required no user interaction to gain complete control of Apple iOS mobile devices running the 16.6 (latest at the time) iOS version. Because of the nature of the pass distribution for …

blastpass campaign citizenlab click cve cve-2023-41061 cve-2023-41064 distribution exploit exploitation exploit chain ios latest nso sans session targeting tickets zero-day

Visit resource

More from www.youtube.com / SANS Offensive Operations

Mastering Adversary Emulation with Caldera: A Practical Guide 1 month, 3 weeks ago | www.youtube.com
adversary adversary emulation application bolster +16
The Second Rule of Hacking: There Are No Rules 1 month, 3 weeks ago | www.youtube.com
attacks block businesses cat +13
From Pentest to Red Team: Overview of The Necessary Skills and Breakdown of Frameworks 1 month, 3 weeks ago | www.youtube.com
dave frameworks guide informative +10
OT Pen-testing: How Not to Sink an Oil Rig 1 month, 3 weeks ago | www.youtube.com
adversary adversary emulation application bolster +19
Fortifying Resilience: An In-Depth Exploration of the Overall Product Security Assessment Poster 1 month, 3 weeks ago | www.youtube.com
assessment attacks author course +16
SANS Pen Test 2024: A Sneak Peek Into All That's in Store! 2 months, 1 week ago | www.youtube.com
austin cybersecurity cybersecurity innovation cybersecurity training +20
SANS Pen Test 2024: A Sneak Peek Into All That's in Store! 2 months, 1 week ago | www.youtube.com
austin cybersecurity cybersecurity innovation cybersecurity training +20
Learn About SEC565: Red Team Operations and Adversary Emulation 3 months ago | www.youtube.com
adversary adversary emulation course emulation +21
A Compendium of Exploits and Bypasses for eBPF-based Cloud Security 4 months, 2 weeks ago | www.youtube.com
basic cloud cloud security ebpf +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens
View on infosec-jobs.com
View more jobs