Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Bug Bounty Radar // The latest bug bounty programs for November 2022

New web targets for the discerning hacker

PortSwigger
Open in Source
#vulnerability#web#ios#android#windows#apple#amazon#git#rce#pdf#auth
Malware on the Google Play store leads to harmful phishing sites

Categories: Android Categories: News A family of malicious apps from developer Mobile apps Group are on Google Play infected with HiddenAds. (Read more...) The post Malware on the Google Play store leads to harmful phishing sites appeared first on Malwarebytes Labs.

Gentoo Linux Security Advisory 202210-41

Gentoo Linux Security Advisory 202210-41 - Multiple vulnerabilities have been found in android-tools, the worst of which could result in arbitrary code execution. Versions less than 33.0.3 are affected.

Fodcha DDoS Botnet Resurfaces with New Capabilities

The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360's Network Security Research Lab said in a report published last week. Fodcha first came to

New Dropper Apps on Play Store Targeting Banking and Crypto Wallets

By Deeba Ahmed In total, 5 dropper apps with over 130,000 downloads through Play Store distributed banking trojans like Vultur and SharkBot. This is a post from HackRead.com Read the original post: New Dropper Apps on Play Store Targeting Banking and Crypto Wallets

A week in security (October 24 - 30)

Categories: News Tags: week in security Tags: weekly blog roundup The most important and interesting computer security stories from the last week. (Read more...) The post A week in security (October 24 - 30) appeared first on Malwarebytes Labs.

These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets

Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device fraud. "These droppers continue the unstopping evolution of malicious apps sneaking to the official store," Dutch mobile security firm ThreatFabric

CVE-2022-3095: sdk/CHANGELOG.md at master · dart-lang/sdk

The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '\' characters in URIs, which can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue.

Ransomware: Open Source to the Rescue

Automobile, Energy, Media, Ransomware?When thinking about verticals, one may not instantly think of cyber-criminality. Yet, every move made by governments, clients, and private contractors screams toward normalizing those menaces as a new vertical. Ransomware has every trait of the classical economical vertical. A thriving ecosystem of insurers, negotiators, software providers, and managed