#ios

We found a Facebook scam that aims to redirect victims to sites promoting PUPs, adware, or other fraudulent sites.

By Waqas From Bubbles to Bytes: Lush investigates 'cyber incident' without giving any substantial information to customers. This is a post from HackRead.com Read the original post: British Cosmetics Retailer Lush Investigating Cyber Attack

By Uzair Amir In the labyrinth of financial scams, one of the most insidious is the retirement banking scam. Imagine a… This is a post from HackRead.com Read the original post: Unravelling Retirement Banking Scams and How To Protect Yourself

Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong shield. Sadly, this image of fortitude remains a pipe dream despite its comforting nature. In the security world, preparedness is not just a luxury but a necessity. In this context, Mike Tyson's famous adage, "Everyone has a plan until they get punched in

By Waqas Volkswagen announced the surprising development at CES 2024 (Consumer Electronics Show) in Las Vegas. This is a post from HackRead.com Read the original post: Volkswagen Goes AI, Integrates ChatGPT into its Vehicles

Microsoft's patch Tuesday roundup looks like a relatively quiet one. Unless your organization uses FBX files.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This includes CVE-2023-27524 (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution.

## Summary Before version [v2.11.0](https://github.com/mrousavy/react-native-mmkv/releases/tag/v2.11.0), the react-native-mmkv logged the optional encryption key for the MMKV database into the Android system log. The key can be obtained by anyone with access to the Android Debugging Bridge (ADB) if it is enabled in the phone settings. This bug is not present on iOS devices. ## Details The bridge for communicating between JS code and native code on Android logs the encryption key. This was fixed in commit [a8995cc](https://github.com/mrousavy/react-native-mmkv/commit/a8995ccb7184281f7d168bad3e9987c9bd05f00d) by only logging whether encryption is used. ## Impact The encryption of an MMKV database protects data from higher privilege processes on the phone that can access the app storage. Additionally, if data in the app's storage is encrypted, it is also encrypted in potential backups. By logging the encryption secret to the system logs, attackers can trivially recover the secret by ena...

Ubuntu Security Notice 6567-1 - Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and escalate privileges. This issue only affected Ubuntu 20.04 LTS.

Collaboration is a powerful selling point for SaaS applications. Microsoft, Github, Miro, and others promote the collaborative nature of their software applications that allows users to do more. Links to files, repositories, and boards can be shared with anyone, anywhere. This encourages teamwork that helps create stronger campaigns and projects by encouraging collaboration among employees