12 matches found
CVE-2026-38740
Foscam VD1 Video Doorbell before V5.3.131072 is vulnerable to Cleartext Transmission of Sensitive Information. The device transmits sensitive Session Description Protocol SDP, including ICE credentials and candidates, in cleartext over network interfaces. An attacker with network visibility can...
CVE-2026-38740
Foscam VD1 Video Doorbell before V5.3.131072 is vulnerable to Cleartext Transmission of Sensitive Information. The device transmits sensitive Session Description Protocol SDP, including ICE credentials and candidates, in cleartext over network interfaces. An attacker with network visibility can...
Foscam VD1 Video Doorbell 安全漏洞
The Foscam VD1 Video Doorbell is a smart video doorbell from the American company Foscam, capable of supporting high-definition video surveillance and two-way voice communication. Versions of the Foscam VD1 Video Doorbell prior to V5.3.131072 contained security vulnerabilities. These...
CVE-2026-38740
CVE-2026-38740 affects the Foscam VD1 Video Doorbell (pre‑V5.3.13_1072). The root cause is cleartext transmission of sensitive SDP data, including ICE credentials and candidates, exposed over network interfaces. An attacker with network visibility can intercept these credentials to hijack media s...
Linux Distros Unpatched Vulnerability : CVE-2017-14099
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In res/resrtpasterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x...
A week in security (June 3 – June 9)
Last week on Malwarebytes Labs: Google will start deleting location history Advance Auto Parts customer data posted for sale Husband stalked ex-wife with seven AirTags, indictment says Microsoft Recall snapshots can be easily grabbed with TotalRecall tool Financial sextortion scams on the rise Sa...
SEC X account hacked to hawk crypto-scams
We have seen several high-profile accounts that were taken over on X formerly Twitter only to be used for cryptocurrency related promotional activities, like expressing the approval of exchange-traded funds ETFs. The latest victim in this line-up is the Securities and Exchange Commission SEC. The...
New S1deload Malware Hijacking Users' Social Media Accounts and Mining Cryptocurrency
An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems' resources to mine cryptocurrency. Bitdefender is calling the malware S1deload Stealer for its use of DLL side-loading techniques to get...
Nine Charged in Alleged SIM Swapping Ring
Eight Americans and an Irishman have been charged with wire fraud this week for allegedly hijacking mobile phones through SIM-swapping, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target's phone number and diverting all texts and...
DEBIAN-CVE-2017-14099
In res/resrtpasterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized data disclosure media takeover in the RTP stack is possible with careful timing by an attacker. The...
CVE-2017-14099
In res/resrtpasterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized data disclosure media takeover in the RTP stack is possible with careful timing by an attacker. The...
FBI Most Wanted — Three 'Syrian Electronic Army' Hackers Charged for Cyber Crime
Syrian Electronic Army SEA Hackers have made their place on the FBI's Most Wanted List. The US Department of Justice and the Federal Bureau of Investigation FBI are willing to pay $100,000 reward for any information that leads to the arrest of the heads of the infamous hacking group Syrian...