Security
Headlines
HeadlinesLatestCVEs

Tag

#android

New TrollStore Tool Permanently Installs Apps on Non-Jailbroken iOS Devices

By Waqas TrollStore does not work on anything above iOS 15.5, and beta 4, not on iOS 15.5, not on version 15.6, and not on iOS 16). This is a post from HackRead.com Read the original post: New TrollStore Tool Permanently Installs Apps on Non-Jailbroken iOS Devices

HackRead
Open in Source
#vulnerability#ios#android#apple#microsoft#git
Experts Warn of New RatMilad Android Spyware Targeting Enterprise Devices

A novel Android malware called RatMilad has been observed targeting a Middle Eastern enterprise mobile device by concealing itself as a VPN and phone number spoofing app. The mobile trojan functions as advanced spyware with capabilities that receives and executes commands to collect and exfiltrate a wide variety of data from the infected mobile endpoint, Zimperium said in a report shared with

CISA Orders Federal Agencies to Regularly Track Network Assets and Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Binding Operational Directive (BOD) that directs federal agencies in the country to keep track of assets and vulnerabilities on their networks six months from now. To that end, Federal Civilian Executive Branch (FCEB) enterprises have been tasked with two sets of activities: Asset discovery and vulnerability

Google Chrome 103.0.5060.53 Autofill Assistant Universal Cross Site Scripting

Google Chrome version 103.0.5060.53 suffers from an Autofill Assistant universal cross site scripting vulnerability.

Meet Plexus, An AI-based Browser Security Solution from LayerX

By Waqas With the increasing use of the internet, browser security has become an important issue. Malware, phishing, and adware… This is a post from HackRead.com Read the original post: Meet Plexus, An AI-based Browser Security Solution from LayerX

A week in security (September 26 – October 2)

Categories: News The most important and interesting computer security stories from the last week. (Read more...) The post A week in security (September 26 – October 2) appeared first on Malwarebytes Labs.

The Challenge of Cracking Iran’s Internet Blockade

People around the world are rallying to subvert Iran's internet shutdown, but actually pulling it off is proving difficult and risky.

CVE-2022-40277: GitHub - laurent22/joplin: Joplin - an open source note taking and to-do application with synchronisation capabilities for Windows, macOS, Linux, Android and iOS.

Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before passing them to the 'shell.openExternal' function.

Top 5 Mobile Commerce Trends in 2022

By Owais Sultan Due to its many benefits, mobile commerce has been growing quickly over the last several years. The need… This is a post from HackRead.com Read the original post: Top 5 Mobile Commerce Trends in 2022

CVE-2022-37461: Trustwave Security Advisories

Multiple cross-site scripting (XSS) vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the (2) groupID, (3) offset, or (4) limit parameter to an Administrative Panel (Group and Users) page. There is a risk of an attacker retrieving patient information.