Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Franklin Fueling Systems TS-550 Hash Disclosure / Default Credentials

Franklin Fueling Systems TS-550 suffers from a password hash disclosure vulnerability.

Packet Storm
Open in Source
#vulnerability#web#android#linux#auth
Daggerfly Cyberattack Campaign Hits African Telecom Services Providers

Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also tracked by the broader cybersecurity community as Bronze Highland and Evasive Panda. The campaign makes use of "previously unseen plugins from

CVE-2023-21100: Android Security Bulletin—April 2023

In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-242544249

CVE-2023-29586: CWE - CWE-285: Improper Authorization (4.10)

Code Sector TeraCopy 3.9.7 does not perform proper access validation on the source folder during a copy operation. This leads to Arbitrary File Read by allowing any user to copy any directory in the system to a directory they control.

Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies

The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. "Poseidon is a second-stage payload malware associated with Transparent Tribe," Uptycs security researcher Tejaswini Sandapolla said in a technical report published this week.

Introducing the Malwarebytes Admin app: Endpoint security at your fingertips

Categories: Business IT security on the go. (Read more...) The post Introducing the Malwarebytes Admin app: Endpoint security at your fingertips appeared first on Malwarebytes Labs.

Goldoson Android Malware Found in 60 Apps with 100M Downloads

By Deeba Ahmed The malware was identified by cybersecurity researchers at McAfee. This is a post from HackRead.com Read the original post: Goldoson Android Malware Found in 60 Apps with 100M Downloads

'Goldoson' Malware Sneaks into Google Play Apps, Racks Up 100M Downloads

Malware that can steal data, track location, and perform click fraud was inadvertently built into apps via an infected third-party library, highlighting supply chain risk.

Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads

A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60 legitimate apps that collectively have over 100 million downloads. An additional eight million installations have been tracked through ONE store, a leading third-party app storefront in South Korea. The rogue component is part of a third-party software library used by the apps in

QuaDream, Israeli iPhone hacking spyware firm, to shut down

By Waqas QuaDream, based in Ramat Gan, Israel, with around 40 employees, is known for its spyware used for hacking iPhones. This is a post from HackRead.com Read the original post: QuaDream, Israeli iPhone hacking spyware firm, to shut down