Security
Headlines
HeadlinesLatestCVEs

Tag

#git

200+ Malicious Apps on Iranian Android Store Installed by Millions of Banking Users

An Android malware campaign targeting Iranian banks has expanded its capabilities and incorporated additional evasion tactics to fly under the radar. That's according to a new report from Zimperium, which discovered more than 200 malicious apps associated with the malicious operation, with the threat actor also observed carrying out phishing attacks against the targeted financial institutions.

The Hacker News
Open in Source
#web#ios#android#apple#git#The Hacker News
Discover Why Proactive Web Security Outsmarts Traditional Antivirus Solutions

In a rapidly evolving digital landscape, it's crucial to reevaluate how we secure web environments. Traditional antivirus-approach solutions have their merits, but they're reactive. A new report delves into the reasons for embracing proactive web security solutions, ensuring you stay ahead of emerging threats.  To learn more, download the full report here. The New Paradigm If you’ve been relying

Okta Discloses Broader Impact Linked to October 2023 Support System Breach

Identity services provider Okta has disclosed that it detected "additional threat actor activity" in connection with the October 2023 breach of its support case management system. "The threat actor downloaded the names and email addresses of all Okta customer support system users," the company said in a statement shared with The Hacker News. "All Okta Workforce Identity Cloud (WIC) and Customer

CVE-2023-45482: IOTvul/assets/get_parentControl_list_Info_code.png at master · l3m0nade/IOTvul

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.

CVE-2023-45481: IOTvul/assets/setFirewallCfg_code.png at master · l3m0nade/IOTvul

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.

CVE-2023-45483: IOTvul/assets/compare_parentcontrol_time_code.png at master · l3m0nade/IOTvul

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.

CVE-2023-45484: IOTvul/assets/fromSetWifiGuestBasic_code.png at master · l3m0nade/IOTvul

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.

CVE-2023-45479: IOTvul/assets/sub_49E098_code.png at master · l3m0nade/IOTvul

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098.

CVE-2023-45480: IOTvul/assets/sub_47d878_code.png at master · l3m0nade/IOTvul

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878.

DJVU Ransomware's Latest Variant 'Xaro' Disguised as Cracked Software

A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. "While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed infecting systems alongside a host of various commodity loaders and infostealers," Cybereason