Hello, welcome to the Friday, February 11th, 2020 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

Today we've got an emergency patch from Apple. This patch fixes a single vulnerability in WebKit and effects MacOS Monoray, iPadOS, iOS,

and then we also have a standalone update for Safari that is for MacOS, Bixer, and Catalina,

so for the last two versions of a macOS.

The individual flaw being patched here is CVE 2020, 22620.

Like I said, it's a web kit vulnerability that can lead to arbitrary code execution.

So typically this would be exploited via a malicious website that's viewed

in Safari. But WebKit can also be used in other components within these operating systems

that display HTML content. What made this patch so urgent is that it was already being exploited in the wild

and not sure if you're following some of discussions around NSO group and similar companies

that have used some of these unpublished vulnerabilities in the past. I believe part of the

cleanup around all of this triggered this reasons

that of increase in these kind of vulnerabilities and related patches.

I believe this is the third one now that we had within a couple months.

And then in more sort of run-off the mill exploits, we did see an increase in our honeypots

for hits that looked for a psych cell network accessible storage vulnerability.

The reason I kind of point this one out is not because it's really super recent.

It's about a year old this vulnerability, but when

it originally became public, it was after the exploit was already traded sort of in underground

forums. About half a year ago, it certainly has been seen exploited rather widely, but then again, these network-accessible storage

devices really are a little bit sort of a focus of mine lately, because I see so many people

are using them and exposing them to the internet, because that's sort of how they're advertised.

...