Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted messages,"

The Hacker News
Open in Source
#web#ios#android#git#intel#auth#sap#The Hacker News
Malicious ChatGPT & Google Bard Installers Distribute RedLine Stealer

By Waqas Watch out for compromised Facebook business pages offering fake and malware-infected installers for ChatGPT and Google Bard AI chatbot. This is a post from HackRead.com Read the original post: Malicious ChatGPT & Google Bard Installers Distribute RedLine Stealer

Microsoft: NSO Group-Like 'QuaDream' Actor Selling Mobile Spyware to Governments

Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices.

Sielco Analog FM Transmitter 2.12 Remote Privilege Escalation

Sielco Analog FM Transmitter version 2.12 suffers from a remote privilege escalation vulnerability.

Sielco Analog FM Transmitter 2.12 Improper Access Control

Sielco Analog FM Transmitter version 2.12 suffers from an improper access control vulnerability that allows for a lower privileged user to change the administrator's password.

CVE-2023-27830: TightVNC: What's New in TightVNC

TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via replacing legitimate files with crafted files when executing a file transfer. This is due to the fact that TightVNC runs in the backend as a high-privileges account.

Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit

Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society in North America, Central Asia, Southeast Asia, Europe, and the Middle East. According to findings from a group of researchers from the Citizen Lab, the spyware campaign was directed against journalists, political opposition figures, and an NGO worker in 2021.

Don't plug your phone into a free charging station, warns FBI

Categories: Awareness Categories: News Tags: FBI Tags: juice jacking Tags: public chargers The FBI warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers to infect devices with malware. (Read more...) The post Don't plug your phone into a free charging station, warns FBI appeared first on Malwarebytes Labs.

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones, iPads and Macs.