#android

Categories: News Tags: security vulnerabilities Tags: cryptocurrency Tags: lock and code Tags: SevenRooms Tags: adult popunder Tags: ad fraud Tags: AV-TEST Tags: Gemini Tags: cryptocurrency Tags: Play ransomware Tags: ransomware Tags: blocking IP addresses Tags: BEC scam Tags: BEC Tags: Bricklink Tags: Lego Tags: Netflix Tags: Disney+ Tags: password sharing Tags: The Guardian Tags: ransomware attack Tags: Godfather malware Tags: Godfather Tags: Android banking malware The most interesting security related news from the week of December 19 to 25. (Read more...) The post A week in security (December 19 - 25) appeared first on Malwarebytes Labs.

F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.

By Owais Sultan In this article, we'll explore the key features and benefits of Android-based digital signage and how you can take advantage of them. This is a post from HackRead.com Read the original post: Android-Based Digital Signage: Key Features and Benefits

When closed or sent to the background, Firefox for Android would not properly record and persist HSTS settings.<br>*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 100.

An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox < 104.

When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 103.

When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox < 103.

The Performance API did not properly hide the fact whether a request cross-origin resource has observed redirects. This vulnerability affects Firefox < 100.

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.

Using the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 107.