Security
Headlines
HeadlinesLatestCVEs

Tag

#android

U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty

The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan national behind the operation pleaded guilty. "The botnet infrastructure had infected Windows systems then further expanded to infect Linux, Mac, and Android devices, victimizing computers and other electronic devices around the world, including in Asia,

The Hacker News
Open in Source
#android#mac#windows#linux#git#botnet#The Hacker News
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities

Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity. Two of them have been listed as publicly known at the time of the release. The updates are in

Operator of Major Proxy Botnet ‘IPStorm’ Arrested, Pleads Guilty in US

By Waqas The FBI arrested the operator of the IPStorm botnet, a Russian-Moldovan national, in Spain. This is a post from HackRead.com Read the original post: Operator of Major Proxy Botnet ‘IPStorm’ Arrested, Pleads Guilty in US

CVE-2023-33872

Improper access control in the Intel Support android application all verions may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2023-38411

Improper access control in the Intel Smart Campus android application before version 9.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Android mtk_jpeg Driver Race Condition / Privilege Escalation

A race condition in the Android mtk_jpeg driver can lead to memory corruption and potential local privilege escalation.

Signal is testing usernames so you don’t have to share your phone number

The Signal messaging service is testing support for usernames as a replacement for phone numbers to serve as user identities

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors

A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks under the name Imperial Kitten, and which is also known as Crimson Sandstorm (previously Curium),

Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan

Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile device, prompts visitors of the Urdu version to install its

CVE-2023-41270: SMOLD TV: Old & Smart

Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools.