Apple has issued emergency updates that include patches for older iOS devices concerning two actively used zero-days that were patched for iOS 17 last week

Apple has issued emergency updates that include patches for older iOS devices concerning the two actively used zero-day vulnerabilities that were patched last week in newer devices.

Updates are available for:

Safari 17.2

macOS Monterey and macOS Ventura

iOS 17.2 and iPadOS 17.2

iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

iOS 16.7.3 and iPadOS 16.7.3

iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later

macOS Sonoma 14.2

macOS Sonoma

macOS Ventura 13.6.3

macOS Ventura

macOS Monterey 12.7.2

macOS Monterey

tvOS 17.2

Apple TV HD and Apple TV 4K (all models)

watchOS 10.2

Apple Watch Series 4 and later

The updates may already have reached you if you automatically update, but it doesn’t hurt to check if your device is at the latest update level.

If a Safari update is available for your device, you can get it by updating your iPhone or iPad or updating your Mac.

Owners of devices running iOS 16.7 and iPad iOS 16.7 are especially encouraged to update as soon as possible, since the fixed issues may have been exploited against versions of iOS before iOS 16.7.1.

Apple doesn’t disclose, discuss, or confirm details about security issues until an investigation has occurred and patches or releases are available. But both vulnerabilities were credited to Clément Lecigne of Google’s Threat Analysis Group (TAG). 

Recently we saw an update for the Chrome browser which included a patch for an actively exploited zero-day vulnerability. That vulnerability was reported by TAG’s Benoît Sevens and the formerly mentioned Clément Lecigne. These Google TAG researchers are renowned for finding and disclosing zero-day vulnerabilities used in state-sponsored spyware attacks.

**We don’t just report on Android and iOS security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your Android devices by downloading Malwarebytes for Android today. And keep threats off your iOS devices by downloading Malwarebytes for iOS today.

 Update now! Apple issues patches for older iPhones and other devices 

Debian Linux Security Advisory 5575-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5575-1                   security@debian.org  
https://www.debian.org/security/                           Alberto Garcia  
December 11, 2023                     https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : webkit2gtk  
CVE ID         : CVE-2023-42916 CVE-2023-42917

The following vulnerabilities have been discovered in the WebKitGTK  
web engine:

CVE-2023-42916

    Clement Lecigne discovered that processing web content may  
    disclose sensitive information. Apple is aware of a report that  
    this issue may have been actively exploited.

CVE-2023-42917

    Clement Lecigne discovered that processing web content may lead to  
    arbitrary code execution. Apple is aware of a report that this  
    issue may have been actively exploited.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 2.42.3-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 2.42.3-1~deb12u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmV3hxQACgkQAAyEYu0C  
2ALD/A/+Inn3pEr29SXRWDWhmX/eUIg1KrUVGXXfgrWFaDx9ejRhchXnzORIOKcV  
a1SlXQ48Gixernf8T06Hbvg6l3TL8vd+Z/mNO+oVYvT3h/ARiJ6rtAS+rxjpFrF0  
GOGBDUh8X69knZ17ZZ4fuMo4dkGvq75Ww95bS70ffLWGcwvDjL0VYU1Igkcf8DAU  
moqWeHGH1dPwQs18Ifa5PWCnBoxyBkeu3sQz1qsZQ4h628Feo1k7orjRiL7NDS9t  
bfSZyiR935BmrOqbGZ1Mg8UH26qY9WZkARUEmi5kfHeycXvAs80sKW6AzKJtksa/  
nidSAmYU9QTI5pHp4oF4hSlG7GSABQhSBEzx/B2449XvQOvoD0EAt7OKvEFZ7fIL  
mHDLBl4K9QOErM7Qu2hWqaqEBnxo8Xb8epKFtqQUUqVpBPdc79UtrwNj2Lvg5/w3  
TPqBc/OnYuXRuTlAZ85zAqbus6roCQI2Nwe6m8+lVhK1H4wRSGQ3XvzpGMG9bplq  
y9Z7Lwg2b8s9+3Kfkm8fO9qsK0TrrODxBoJ/hvWZ0ULtvY3KzREnEpnKkPmPdtod  
InJwL6vQbtR9D9Zcss8+pWm/ElD5ImTekoqs5vHrgFaXLH0iI/lAXPm/DFX5R5cW  
SR6mK0T1Dwg5GveQlnVR7nbwYCtjZOPHGPKDUQYzaNf14keKk9A=  
=v8r9  
-----END PGP SIGNATURE-----

Debian Security Advisory 5575-1

Researchers have found a way to guess passwords from keyboard sounds recorded by a smartphone with 95% accuracy.

As if password authentication’s coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. The technique, developed at Durham University, the University of Surrey, and Royal Holloway University of London, builds on previous work to produce a more accurate way to guess your password by listening to the sound of you typing it on your keyboard.

The slight differences in the sounds each key makes is an unintentional leak of information, known as a “side channel”. Computers typically have lots of side channels, such as noises, heat, and changes in electromagnetic emissions, which can be hoovered up and analysed by adversaries to learn more about what’s happening on the computer.

Side channel research can get a little far-fetched and impractical at times but it serves a useful purpose in improving our knowledge about what’s possible. However, this research is firmly rooted in the possible, starting with the decision to monitor sound, rather than something more exotic.

> The ubiquity of keyboard acoustic emanations makes them not only a readily available attack vector, but also prompts victims to underestimate (and therefore not try to hide) their output. For example, when typing a password, people will regularly hide their screen but will do little to obfuscate their keyboard’s sound.

The researchers also used real-world attack scenarios, such as snooping on a laptop keyboard using the microphone on a smartphone in the same room, and by capturing the sound on a Zoom call.

As it is in so much cybersecurity research, Artificial Intelligence is centre stage. The new password-busting technique uses Deep Learning (a form of AI that mimics the learning process of the human brain) to determine which of a keyboard’s 36 keys are being pressed. The algorithm was taught using 25 presses on each key of an Apple laptop using different fingers and different pressures. The sounds from the key presses were processed extensively before being turned into images, and then fed into a deep learning algorithm used for image classification.

Did it work? Yes, even over Zoom.

> The method presented in this paper achieved a top-1 classification accuracy of 95% on phone-recorded laptop keystrokes, representing improved results for classifiers not utilising language models and the second best accuracy seen across all surveyed literature. When implemented on the Zoom-recorded data, the method resulted in 93% accuracy, an improved result for classifiers using such applications as attack vectors.

Research like this always begs the question, should you be worried about this? Most people have far more basic password problems to concern themselves with before fixing their noisy keyboards. However, all targets of cybercrime are not created equal, and there are nation state agencies willing to spend millions to compromise specific people. It is not difficult to imagine an intelligence agency using a technique like this, and it isn’t too far fetched for industrial espionage either.

As the reseachers point out, a deep learning engine trained on one laptop could probably guess passwords on other laptops of the same model, meaning “a successful attack on a single laptop could prove viable on a large number of devices.” A hint that techniques like this could even be commodified one day.

If you are concerned about this it’s worth noting that entering a password with a password manager makes almost no sound. However, if you think you’re genuinely at risk from techniques like this you should be looking beyond passwords at things like passkeys anyway.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 The sound of you typing on your keyboard could reveal your password 

Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently disclosed zero-days to older devices.
This includes updates for 12 security vulnerabilities in iOS and iPadOS spanning AVEVideoEncoder, ExtensionKit, Find My, ImageIO, Kernel, Safari

Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently disclosed zero-days to older devices.

This includes updates for 12 security vulnerabilities in iOS and iPadOS spanning AVEVideoEncoder, ExtensionKit, Find My, ImageIO, Kernel, Safari Private Browsing, and WebKit. macOS Sonoma 14.2, for its part, resolves 39 shortcomings, counting six bugs impacting the ncurses library.

Notable among the flaws is CVE-2023-45866, a critical security issue that could allow an attacker in a privileged network position to inject keystrokes by spoofing a keyboard.

The vulnerability was disclosed by SkySafe security researcher Marc Newlin last week. It has been remediated in iOS 17.2, iPadOS 17.2, and macOS Sonoma 14.2 with improved checks, the iPhone maker said.

UPCOMING WEBINAR

Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology

Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.

Join Now

Also released by Apple is Safari 17.2, containing fixes for two WebKit flaws – CVE-2023-42890 and CVE-2023-42883 – that could lead to arbitrary code execution and a denial-of-service (DoS) condition. The update is available for Macs running macOS Monterey and macOS Ventura.

iOS 17.2 and iPadOS 17.2, besides addressing a Siri bug that could allow an adversary with physical access to obtain sensitive data, packs in a security upgrade in the form of Contact Key Verification, which ensures privacy of iMessage conversations by enabling users to verify the contacts they are communicating with.

"iMessage Contact Key Verification advances the state of the art of Key Transparency deployments by having user devices themselves verify consistency proofs and ensure consistency of the KT system across all user devices for an account," Apple noted in a technical explainer in October 2023.

"These improvements protect against key directory compromise as well as compromise of the transparency service itself, and can detect split views presented by both services."

Coinciding with the updates, Apple has also released iOS 16.7.3 and iPadOS 16.7.3 to close out as many as eight security issues, two of which relate to WebKit (CVE-2023-42916 and CVE-2023-42917) and were disclosed by Redmond as having been actively exploited in the wild earlier this month.

Both the vulnerabilities have been patched in tvOS 17.2 and watchOS 10.2 as well. No additional details are available as yet regarding the nature of the exploitation and the threat actors that may be using them.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.

Released December 11, 2023

**Accessibility**

Available for: macOS Sonoma

Impact: Secure text fields may be displayed via the Accessibility Keyboard when using a physical keyboard

Description: This issue was addressed with improved state management.

CVE-2023-42874: Don Clarke

**Accounts**

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-42919: Kirin (@Pwnrin)

**AppleEvents**

Available for: macOS Sonoma

Impact: An app may be able to access information about a user's contacts

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42894: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)

**AppleGraphicsControl**

Available for: macOS Sonoma

Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution

Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2023-42901: Ivan Fratric of Google Project Zero

CVE-2023-42902: Ivan Fratric of Google Project Zero, and Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative

CVE-2023-42912: Ivan Fratric of Google Project Zero

CVE-2023-42903: Ivan Fratric of Google Project Zero

CVE-2023-42904: Ivan Fratric of Google Project Zero

CVE-2023-42905: Ivan Fratric of Google Project Zero

CVE-2023-42906: Ivan Fratric of Google Project Zero

CVE-2023-42907: Ivan Fratric of Google Project Zero

CVE-2023-42908: Ivan Fratric of Google Project Zero

CVE-2023-42909: Ivan Fratric of Google Project Zero

CVE-2023-42910: Ivan Fratric of Google Project Zero

CVE-2023-42911: Ivan Fratric of Google Project Zero

CVE-2023-42926: Ivan Fratric of Google Project Zero

**AppleVA**

Available for: macOS Sonoma

Impact: Processing an image may lead to arbitrary code execution

Description: The issue was addressed with improved memory handling.

CVE-2023-42882: Ivan Fratric of Google Project Zero

**Archive Utility**

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: A logic issue was addressed with improved checks.

CVE-2023-42924: Mickey Jin (@patch1t)

**AVEVideoEncoder**

Available for: macOS Sonoma

Impact: An app may be able to disclose kernel memory

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42884: an anonymous researcher

**Bluetooth**

Available for: macOS Sonoma

Impact: An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard

Description: The issue was addressed with improved checks.

CVE-2023-45866: Marc Newlin of SkySafe

**CoreMedia Playback**

Available for: macOS Sonoma

Impact: An app may be able to access user-sensitive data

Description: The issue was addressed with improved checks.

CVE-2023-42900: Mickey Jin (@patch1t)

**CoreServices**

Available for: macOS Sonoma

Impact: A user may be able to cause unexpected app termination or arbitrary code execution

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2023-42886: Koh M. Nakagawa (@tsunek0h)

**ExtensionKit**

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-42927: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)

**Find My**

Available for: macOS Sonoma

Impact: An app may be able to read sensitive location information

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42922: Wojciech Regula of SecuRing (wojciechregula.blog)

**ImageIO**

Available for: macOS Sonoma

Impact: Processing an image may lead to arbitrary code execution

Description: The issue was addressed with improved memory handling.

CVE-2023-42898: Junsung Lee

CVE-2023-42899: Meysam Firouzi @R00tkitSMM and Junsung Lee

**IOKit**

Available for: macOS Sonoma

Impact: An app may be able to monitor keystrokes without user permission

Description: An authentication issue was addressed with improved state management.

CVE-2023-42891: an anonymous researcher

**Kernel**

Available for: macOS Sonoma

Impact: An app may be able to break out of its sandbox

Description: The issue was addressed with improved memory handling.

CVE-2023-42914: Eloi Benoist-Vanderbeken (@elvanderb) of Synacktiv (@Synacktiv)

**ncurses**

Available for: macOS Sonoma

Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution

Description: This issue was addressed with improved checks.

CVE-2020-19185

CVE-2020-19186

CVE-2020-19187

CVE-2020-19188

CVE-2020-19189

CVE-2020-19190

**SharedFileList**

Available for: macOS Sonoma

Impact: An app may be able to access sensitive user data

Description: The issue was addressed with improved checks.

CVE-2023-42842: an anonymous researcher

**TCC**

Available for: macOS Sonoma

Impact: An app may be able to access protected user data

Description: A logic issue was addressed with improved checks.

CVE-2023-42932: Zhongquan Li (@Guluisacat)

**Vim**

Available for: macOS Sonoma

Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution

Description: This issue was addressed by updating to Vim version 9.0.1969.

CVE-2023-5344

**WebKit**

Available for: macOS Sonoma

Impact: Processing web content may lead to arbitrary code execution

Description: The issue was addressed with improved memory handling.

WebKit Bugzilla: 259830  
CVE-2023-42890: Pwn2car

**WebKit**

Available for: macOS Sonoma

Impact: Processing an image may lead to a denial-of-service

Description: The issue was addressed with improved memory handling.

WebKit Bugzilla: 263349  
CVE-2023-42883: Zoom Offensive Security Team

CVE-2023-42926: About the security content of macOS Sonoma 14.2

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.

This document describes the security content of Safari 17.2.

**About Apple security updates**

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

**Safari 17.2**

Released December 11, 2023

**WebKit**

Available for: macOS Monterey and macOS Ventura

Impact: Processing web content may lead to arbitrary code execution

Description: The issue was addressed with improved memory handling.

WebKit Bugzilla: 259830  
CVE-2023-42890: Pwn2car

**WebKit**

Available for: macOS Monterey and macOS Ventura

Impact: Processing an image may lead to a denial-of-service

Description: The issue was addressed with improved memory handling.

WebKit Bugzilla: 263349  
CVE-2023-42883: Zoom Offensive Security Team

**Additional recognition**

**WebKit**

We would like to acknowledge 椰椰 for their assistance.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: December 11, 2023

CVE-2023-42890: About the security content of Safari 17.2

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access protected user data.

Released December 11, 2023

**Accounts**

Available for: macOS Ventura

Impact: An app may be able to access sensitive user data

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-42919: Kirin (@Pwnrin)

**AppleEvents**

Available for: macOS Ventura

Impact: An app may be able to access information about a user's contacts

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42894: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)

**Archive Utility**

Available for: macOS Ventura

Impact: An app may be able to access sensitive user data

Description: A logic issue was addressed with improved checks.

CVE-2023-42924: Mickey Jin (@patch1t)

**AVEVideoEncoder**

Available for: macOS Ventura

Impact: An app may be able to disclose kernel memory

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42884: an anonymous researcher

**CoreServices**

Available for: macOS Ventura

Impact: A user may be able to cause unexpected app termination or arbitrary code execution

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2023-42886: Koh M. Nakagawa (@tsunek0h)

**Find My**

Available for: macOS Ventura

Impact: An app may be able to read sensitive location information

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-42922: Wojciech Regula of SecuRing (wojciechregula.blog)

**ImageIO**

Available for: macOS Ventura

Impact: Processing an image may lead to arbitrary code execution

Description: The issue was addressed with improved memory handling.

CVE-2023-42899: Meysam Firouzi @R00tkitSMM and Junsung Lee

**IOKit**

Available for: macOS Ventura

Impact: An app may be able to monitor keystrokes without user permission

Description: An authentication issue was addressed with improved state management.

CVE-2023-42891: an anonymous researcher

**Kernel**

Available for: macOS Ventura

Impact: An app may be able to break out of its sandbox

Description: The issue was addressed with improved memory handling.

CVE-2023-42914: Eloi Benoist-Vanderbeken (@elvanderb) of Synacktiv (@Synacktiv)

**ncurses**

Available for: macOS Ventura

Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution

Description: This issue was addressed with improved checks.

CVE-2020-19185

CVE-2020-19186

CVE-2020-19187

CVE-2020-19188

CVE-2020-19189

CVE-2020-19190

**TCC**

Available for: macOS Ventura

Impact: An app may be able to access protected user data

Description: A logic issue was addressed with improved checks.

CVE-2023-42932: Zhongquan Li (@Guluisacat)

**Vim**

Available for: macOS Ventura

Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution

Description: This issue was addressed by updating to Vim version 9.0.1969.

CVE-2023-5344

CVE-2023-42932: About the security content of macOS Ventura 13.6.3

The Goodix Fingerprint Device, as shipped in Dell Inspiron 15 computers, does not follow the Secure Device Connection Protocol (SDCP) when enrolling via Linux, and accepts an unauthenticated configuration packet to select the Windows template database, which allows bypass of Windows Hello authentication by enrolling an attacker's fingerprint.

CVE-2023-50430: A Touch of Pwn - Part I

By Waqas
On Thursday, November 30, 2023, Rappler, the prominent online media giant based in the Philippines, fell victim to a relentless series of Distributed Denial of Service (DDoS) attacks.
This is a post from HackRead.com Read the original post: DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia

Qurium, the Swedish media foundation and human rights watchdog leading the investigation into these DDoS attacks implicates FineProxy and RayoByte in facilitating the attacks.

On November 30, 2023, Rappler, the leading digital media company in the Philippines, found itself under a massive series of crippling DDoS attacks (Distributed Denial of Service Attacks).

Qurium, the Swedish media foundation and human rights watchdog, leading the investigation into the recent DDoS attacks, has exposed the alleged participation of two major proxy providers, FineProxy and RayoByte, in facilitating the series of crippling DDoS attacks.

In a blog post published by Rappler, On December 5, 2023, the company experienced an unprecedented surge of over 40 million requests to its homepage within a span of one hour. The investigation, conducted by Qurium, analyzed 90GB of access log data provided by Rappler and traced the malicious activity back to FineProxy and RayoByte.

****FineProxy from Russia****

According to a report published by Qurium, FineProxy, a Russian-based proxy infrastructure, has a history of involvement in numerous DDoS attacks against various organizations.

Despite being approached multiple times by Qurium, FineProxy showed little interest in resolving the issue and instead offered to disclose the client responsible for the attacks on the condition that Qurium remove all forensic reports involving their name.

For a comprehensive understanding of the details provided in the screenshot above, delve into Qurium’s report outlining FineProxy’s infrastructure and a documented timeline of its business model.

****RayoByte from the United States****

RayoByte, based in Nebraska and operating under Sprious LLC, claims to be an “ethical proxy provider.” However, evidence collected by Qurium suggests otherwise, as the investigation revealed the use of fake geolocations in their networks and a willingness to engage in unethical practices.

It is worth noting that during the DDoS attack on Rappler, traffic peaked at a staggering 250,000 requests per second. The assailants targeted Rappler’s website with multiple waves of attacks, originating from both residential and data center connections.

Qurium’s investigation exposed the complex web of networks associated with FineProxy and RayoByte. Both proxy providers, despite claims of ethical standards, have allegedly tampered with geolocation data, associating their networks with fake locations to attract clients.

The alleged fake locations advertised by RayoByte (Screenshot taken from a separate report published by Qurium available here.

The report concludes that both FineProxy and RayoByte have designed their infrastructures to accommodate almost unlimited connections, enabling customers to automate tasks such as scraping and flooding sites with backlinks at high speeds. This focus on serving clients engaging in potentially abusive SEO practices has led to the use of their infrastructures for conducting DDoS attacks.

****Qurium****

For readers’ information, Qurium specializes in investigating DDoS attacks with a mission to identify perpetrators and ensure accountability. The organization has been actively investigating the recent surge in DDoS attacks targeting media and human rights organizations in the Philippines.

Qurium’s noteworthy track record includes investigations into significant cyber incidents. This includes their examination of weeks-long DDoS attacks on the Philippines Human Rights watchdog ‘Karapatan.’

In November 2023, Qurium exposed Chinese scammers exploiting cloned websites within an extensive gambling network. Furthermore, in September 2019, the organization released a report shedding light on how an illegal prostitution ring disrupted the Internet in Kazakhstan.

Nevertheless, the troubling findings call into question the responsibility and moral guidelines of proxy providers, which seem to shield users involved in harmful actions. The disclosures concerning the absence of supervision and accountability among these providers are troubling, provoking deep concerns about their function in protecting the Internet.

1.  **List of Proxy IPs Exposed to Block Killnet’s DDoS Bots**
2.  **Cloudflare thwarts largest reported HTTP DDoS attack**
3.  **48 DDoS-hiring Services Busted by FBI in Major Sweep**
4.  **UK Royal Family Website Hit by DDoS Attack from Russian KillNet**
5.  **Kaspersky Reveals Alarming IoT Threats and Dark Web DDoS Boom**
6.  **Operator of Major Proxy Botnet ‘IPStorm’ Arrested, Pleads Guilty in US**

Tag

#apple