Episode #16

Posted on
facebook whatsapp e2e encryption haproxy azure azurescape forcedentry nso group spook.js spectre

End-to-end encryption. HAProxy. Azurescape. NSO Group Exploit. Spook.JS

1. How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users (propublica.org)

Related:

2. Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling (jfrog.com)

Related:

3. Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances (paloaltonetworks.com)

Related:

4. FORCEDENTRY. NSO Group iMessage Zero-Click Exploit Captured in the Wild (citizenlab.ca)

Related:

5. Spook.js. Attacking Google Chrome’s Strict Site Isolation via Speculative Execution and Type Confusion (spookjs.com)

Related: