Hello, welcome to the Wednesday, October 27, 2021 edition of the Sandcent Storm Center's Stormcast.

My name is Johannes Ulrich and I'm recording from Alcobar, Saudi Arabia.

Apple released its new operating system, Monoray, and with that we got a number of security updates.

Sad part is we don't really know what security vulnerabilities are being fixed.

It states on Apple's security updates page that there will be details released shortly,

so maybe by tomorrow we do have some more details.

This also affects iOS, watchOS, TVOS, and iPad OS.

All of these operating systems have been updated, and there was also a security update for macOS bixer but then again no details available at this point

it's also noteworthy that if you received a new mac this week that had a macOS monoray

pre-installed there is also an update for you mac macOS Monoray 1201, which is the version that was

then released for download, does include additional security updates. And according to a blog post

by researchers from Inky, it looks like Craigslist, maybe subject to some form of breach

that allowed an attacker to send email on Craigslist's behalf.

The emails in question are only sent to active Craigslist users, and they originated from

an IP address that is actually associated with

Craigslist and did pass SPF and decim checks. I haven't seen anything from Craigslist about

this incident. Of course, there's always a chance that they may have just abused the internal

messaging function

or something like this.

The emails themselves claimed that the recipient had listed an item that was inappropriate for Craigslist,

provided a link to remedy the issue, and that link then led to, well, possibly malware.

The InQ researchers were not able to retrieve the last step here because the link was

...