Hello, welcome to the Thursday, October 28, 2021 edition of the Sansonet Storms and Stormcast.

My name is Johannes Ulrich, and today I'm recording from Al-Kobar, Saudi Arabia.

Beijing went hunting for fishing pages and came across an interesting one that likely was meant to impersonate an outlook web access

site from engineering underwriting firm Mirabalus Africa. Now, the interesting part here is also

the host name used to host a fishing site, auth.internal.

.

We know what site is likely supposed to impersonate based on comments in the code.

Also, apparently the author of the fishing site had a foresight to actually run the site through a spell checker

because there is a comment

left over from Grammaly. Outlook Web Access as well as Outlook 365 is one of the favorite

targets for fishing and one of the follow-ups is often than business email compromise.

And we now got details from Apple regarding the vulnerabilities fixed in this week's

update of note here is CVE 2021 30883. This is yet another I.O. Mobile frame buffer

vulnerability that has already been exploited

in the wild and may lead to arbitrary code execution with kernel privileges. In addition,

there are a number of other mostly approach escalation vulnerabilities that are being addressed in iOS and

macOS. And then remember, you don't have to go all the way to the latest and greatest MacOS

Monterey. There are specific security updates for older versions of MacOS. So it can still get the security benefits of these updates

without having to run into functionality issues.

And one thing, of course, people attending Sands class

and such are always worried about is VMBer Fusion on Macs.

As long as you have an Intel Mac,

...