Security
Headlines
HeadlinesLatestCVEs

Tag

#android

35 malicious apps found on Google Play Store, installed by 2m users

By Waqas Another day, another set of nasty applications on the official Google Play Store. The growing efforts of cyber-criminals… This is a post from HackRead.com Read the original post: 35 malicious apps found on Google Play Store, installed by 2m users

HackRead
Open in Source
#web#android#google#microsoft#git#wifi
CVE-2022-23747: #ALHACK: One codec to hack the whole world - Check Point Research

In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.

The Android 13 Privacy Settings You Should Update Now

Google’s new mobile operating system has arrived. Take back some control with these privacy and security tips.

Cybercriminals Developing BugDrop Malware to Bypass Android Security Features

In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that's currently in development. "This new malware tries to abuse devices using a novel technique, not seen before in Android malware, to spread the extremely dangerous Xenomorph banking trojan, allowing criminals

Update Chrome now! Google issues patch for zero day spotted in the wild

Categories: Exploits and vulnerabilities Categories: News Tags: 104.0.5112.101 Tags: Google Tags: Chrome Tags: CVE-2022-2852 Tags: CVE-2022-2856 Tags: CVE-2022-2854 Tags: CVE-2022-2853 Tags: UAF Tags: heap buffer overflow Google issued an update that includes 11 security fixes. One of the vulnerabilities is labeled as “Critical” and one of the vulnerabilities that is labeled as “High” exists in the wild. (Read more...) The post Update Chrome now! Google issues patch for zero day spotted in the wild appeared first on Malwarebytes Labs.

Xiaomi Phone Bug Allowed Payment Forgery

Mobile transactions could’ve been disabled, created and signed by attackers.

CVE-2022-35734: JVN#40907489: "Hulu / フールー" App for Android uses a hard-coded API key for an external service

'Hulu / ????' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.

CVE-2022-38216: Release android-v10.6.1 · mapbox/mapbox-maps-android

An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process.

SOVA Android Banking Trojan Returns With New Capabilities and Targets

The SOVA Android banking trojan is continuing to be actively developed with upgraded capabilities to target no less than 200 mobile applications, including banking apps and crypto exchanges and wallets, up from 90 apps when it started out. That's according to the latest findings from Italian cybersecurity firm Cleafy, which found newer versions of the malware sporting functionality to intercept

A week in security (August 8 - August 14)

Categories: A week in security Categories: News The most important and interesting computer security stories from the last week. (Read more...) The post A week in security (August 8 - August 14) appeared first on Malwarebytes Labs.