India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse

India's Department of Telecommunications DoT has issued directions to app-based communication service providers to ensure that the platforms cannot be used without an active SIM card linked to the user's mobile number. To that end, messaging apps like WhatsApp, Telegram, Snapchat, Arattai,...

CVE-2019-10608

Information disclosure issue occurs as there is no binding between the secure keypad session and the secure display session that allows user to take control of the REE to stop the secure keypad session and read the keypad input. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,...

ReCrystallize Server 安全漏洞

ReCrystallize is a reporting software from ReCrystallize, Inc. A security vulnerability exists in ReCrystallize Server version 5.10.0.0 that stems from the use of an authorization mechanism that relies on a cookie value but does not bind the cookie value to a session ID, which can be exploited by...

Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks

Google on Tuesday said it's piloting a new feature in Chrome called Device Bound Session Credentials DBSC to help protect users against session cookie theft by malware. The prototype – currently tested against "some" Google Account users running Chrome Beta – is built with an aim to make it an op...

CVE-2019-10608

Information disclosure issue occurs as there is no binding between the secure keypad session and the secure display session that allows user to take control of the REE to stop the secure keypad session and read the keypad input. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,...