Security
Headlines
HeadlinesLatestCVEs

Tag

#wifi

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

Commercial spyware use is on the rise, with actors leveraging these sophisticated tools to conduct surveillance operations against a growing number of targets. Cisco Talos has new details of a commercial spyware product sold by the spyware firm Intellexa (formerly known as Cytrox).

TALOS
Open in Source
#sql#vulnerability#web#ios#android#google#linux#cisco#git#intel#rce#perl#acer#samsung#huawei#auth#xiaomi#zero_day#chrome#sap#wifi#ssl
CVE-2023-33982: Three security issues found and fixed

Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden service protocol.

Tracking down a trojan: An inside look at threat hunting in a corporate network

Categories: Business How Malwarebytes MDR successfully helped a company detect and respond to the potent banking Trojan QBot. (Read more...) The post Tracking down a trojan: An inside look at threat hunting in a corporate network appeared first on Malwarebytes Labs.

Understand the Evolution of Captive Portal to Cloud Authentication Solutions

By Owais Sultan In today’s digital age, the use of the internet has become an integral part of our lives. Whether… This is a post from HackRead.com Read the original post: Understand the Evolution of Captive Portal to Cloud Authentication Solutions

CVE-2023-28392

Wi-Fi AP UNIT AC-WAPU-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B08P and earlier, AC-WAPUM-300 v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B08P and earlier allow a remote authenticated attacker with an administrative privilege to execute an arbitrary OS command.

Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11

Categories: Podcast This week on Lock and Code, we speak with longtime security researcher about the eerily similar attempts across the globe to weaken the Internet to achieve one specific, social goal. (Read more...) The post Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11 appeared first on Malwarebytes Labs.

CVE-2023-27217: ‘FriendlyName’ Buffer Overflow Vulnerability in Wemo Smart Plug V2 | Sternum

A stack-based buffer overflow in the ChangeFriendlyName() function of Belkin Smart Outlet V2 F7c063 firmware_2.00.11420.OWRT.PVT_SNSV2 allows attackers to cause a Denial of Service (DoS) via a crafted UPNP request.

Child safety app riddled with vulnerabilities: Update now!

Categories: Personal Tags: Parental control kids place Tags: child Tags: safety Tags: controls Tags: restrict. block Tags: limit Tags: vulnerability Tags: exploit Tags: password Tags: upload Tags: dashboard Child safety app Parental Control - Kids Place has been found to have five vulnerabilities. You need to patch immediately to keep yourself secure. (Read more...) The post Child safety app riddled with vulnerabilities: Update now! appeared first on Malwarebytes Labs.

CVE-2023-31904: OffSec’s Exploit Database Archive

savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion.

CVE-2023-1764: CP2023-002 Vulnerabilities of IJ Network Tool regarding Wi-Fi connection setup

Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the communication of the software.