Security
Headlines
HeadlinesLatestCVEs

Tag

#samsung

CVE-2021-0701: Android Security Bulletin—June 2023

Product: AndroidVersions: Android SoCAndroid ID: A-277775870

CVE
Open in Source
#vulnerability#android#google#dos#rce#nokia#samsung#huawei
Microsoft Releases Updates to Patch Critical Flaws in Windows and Other Software

Microsoft has rolled out fixes for its Windows operating system and other software components to remediate major security shortcomings as part of Patch Tuesday updates for June 2023. Of the 73 flaws, six are rated Critical, 63 are rated Important, two are rated Moderated, and one is rated Low in severity. This also includes three issues the tech giant addressed in its Chromium-based Edge browser

CVE-2022-24695: IEEE Symposium on Security and Privacy 2023

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with device capabilities and identifiers, some of which may contain identifying information about the device owner. This additionally allows the attacker to establish a connection to the target device.

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication and seize control of the devices. The approach, dubbed BrutePrint, bypasses limits put in place to counter failed biometric authentication attempts by weaponizing two zero-day vulnerabilities in the smartphone fingerprint authentication (SFA

Predator Android Spyware: Researchers Sound the Alarm on Alarming Capabilities

Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google's Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five different zero-day flaws in the Chrome web browser and Android. The spyware, which is delivered by means of

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

Commercial spyware use is on the rise, with actors leveraging these sophisticated tools to conduct surveillance operations against a growing number of targets. Cisco Talos has new details of a commercial spyware product sold by the spyware firm Intellexa (formerly known as Cytrox).

ChatGPT: Cybersecurity friend or foe?

Categories: Business There are a lot of benefits to ChatGPT, but many in the security community have concerns about it. Malwarebytes' CEO Marcin Kleczynski takes a deep dive into the topic. (Read more...) The post ChatGPT: Cybersecurity friend or foe? appeared first on Malwarebytes Labs.

Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13. The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a

3 Ways Hackers Use ChatGPT to Cause Security Headaches

As ChatGPT adoption grows, the industry needs to proceed with caution. Here's why.

LayerZero Labs Launches $15M Bug Bounty; Largest in the World

Launched in partnership with Immunefi, bounty to promote Web3 security.