@da_667 Right, but how often do you LEGIT get to use the cosmic rays or solar flares excuses when something fails though?
tomsellers@infosec.exchange
-
we got a team back to the moon, and still can't get teams or zoom to run correctly, and they're back on holy terra.
-
The security update protects a raft of older iPhones and iPads from attacks linked to leaked hacking tools called DarkSword. Apple says users running its latest software, iOS 26, were protected weeks ago. The company has also released a new update to iOS 18 users with iPhones and iPads that are unable to run iOS 26 software.
But with Wednesday’s update, Apple has now provided DarkSword fixes for the millions of users with unpatched devices that are capable of updating to iOS 26 but who have chosen not to update.
Users running 18.7.3 were already protected.
Google ref here: https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
-
There is a bunch of buzz along the lines of "Apple FINALLY backports DarkSword related fixes to 18.x and will release this on April 1".
Based on publicly available information this is incorrect.
What Apple has actually done is broaden the device models that are eligible to upgrade to iOS/iPadOS 18.
Per Google [1] every vuln in the DarkSword kit except for CVE-2026-20700 had already been patched in iOS 18 as of 18.7.3 which was released on Dec 12, 2025.
Per Apple [2], CVE-2026-20700 is not included in 18.7.7 which was released today.
Apple has placed an easy to miss note at the top of the release notes:
"We enabled the availability of iOS 18.7.7 for more devices on April 1, 2026, so users with Automatic Updates turned on can automatically receive important security protections from web attacks called Darksword. The fixes associated with the Darksword exploit first shipped in 2025."
Unfortunately I don't see an indication of which devices are newly eligible to upgrade to iOS/iPadOS 18.
References:
Google DarkSword writeup - https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
Apple iOS/iPadOS 18.7.7 release notes - https://support.apple.com/en-us/126793
-
Defender 1: This appliance is running an ancient AF version, how is it not a smoking ruin at this point?
Defender 2: Well, it turns out that all of the attacker scanning tools use libraries that have disabled TLS before 1.0 and this appliance only supports SSL v3 sooo....
- OpenSSL 1.1.1 sets the default min to TLS 1.0
- Python 2.7 / 3.6 set the default min to TLS 1.0 but depend on the underlying crypto lib.
- Go default min prior to 1.18 was TLS 1.0
- curl default min was TLS 1.0 from curl 7.39.0 to 8.15.x
- wget uses underlying lib
-
Some people are actually pretty sad Meta is killing the metaverse https://www.404media.co/the-people-left-behind-by-the-metaverse/
@josephcox FYI, minor spelling error in the tagline that doesn't exist in the same quote in the body:
"from corprotate neglect"
-
I have been in infosec for a long time.
@rk This has been a successful test of the wrong state. We will now test the desired state.