#android

Ubuntu Security Notice 6688-1 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information.

**According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is information disclosure?** The attack itself is carried out locally. For example, when the score indicates that the **Attack Vector** is **Local** (AV:L) and **User Interaction** is **Required** (UI:R), this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and run a malicious application. This could lead to a local attack on the user's device which could leak data.

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is file content.

By Waqas Evasive Panda, also identified as BRONZE HIGHLAND and Daggerfly, is carrying out global targeting of Tibetans. This is a post from HackRead.com Read the original post: Chinese Evasive Panda Targets Tibetans with Nightdoor Backdoor

It’s important to be vigilant about tax-related scams any time these deadlines roll around, regardless of what country you’re in, but it’s not like you need to be particularly more skeptical in March and April.

The US Treasury Department has sanctioned Predator spyware vendor Intellexa Consortium, and banned the company from doing business in the US.

A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could impersonate a user request by crafting HTTP queries. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services. To exploit the vulnerability, the user must click a specially crafted URL. In an email attack scenario, an attacker could send an email message containing the specially crafted URL to the user in an attempt to convince the user to click it. In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However, the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website, typically by way of enticement in an email or instant message, and then convince the...

Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a variety of malware targeting both Android and Windows users since December 2023. “The threat actor is distributing Remote Access Trojans (RATs) including SpyNote RAT for Android platforms, and NjRAT and DCRat for Windows

By Deeba Ahmed Remote Access Trojan Threat: Beware Malicious Downloads Disguised as Meeting Apps. This is a post from HackRead.com Read the original post: Fake Skype, Zoom, Google Meet Sites Infecting Devices with Multiple RATs

Apple has released a security update for iOS and iPadOS to patch two zero-day vulnerabilities which are reported to already have been exploited.