101 matches found
A week in security (April 15 – 21)
Last week, Malwarebytes Labs revealed multiple giveaway online scam campaigns banking on the popularity and generosity of Ellen DeGeneres, weighed in on the hack that compromised legacy Microsoft email service accounts like Hotmail and MSN, explained what “like-farming” means and how to spot it o...
TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids
UPDATE A popular smartwatch that allows parents to track their children’s whereabouts, TicTocTrack, has been discovered to be riddled with security issues that could allow hackers to track and call children. Researchers at Pen Test Partners revealed vulnerabilities in the watch sold in Australia ...
HP Isaac Mizrahi Smartwatch Security Feature Issue Vulnerability
HP Isaac Mizrahi is an application from Hewlett-Packard HP USA for managing access to the HP Isaac Mizrahi smartwatch. A security vulnerability exists in HP Isaac Mizrahi Smartwatch. An attacker could exploit the vulnerability to steal credentials and hijack the user interface...
Design/Logic Flaw
A potential security vulnerability caused by the use of insecure http transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue...
CVE-2017-2748
A potential security vulnerability caused by the use of insecure http transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue...
CVE-2017-2748
A potential security vulnerability caused by the use of insecure http transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue...
CVE-2017-2748
The CVE-2017-2748 entry concerns insecure (http) login transactions in early versions of the Isaac Mizrahi Smartwatch mobile app. Affected component: Isaac Mizrahi Smartwatch mobile app (iOS earlier versions; Android earlier versions). Root cause: use of unencrypted HTTP during login, enabling cr...
Lenovo Watch X Riddled with Security Vulnerabilities
Researchers are raking the Lenovo Watch X over the security coals in a report that blasts the device for shipping with a half dozen “disturbing” privacy and security vulnerabilities. The budget $50 smartwatch was introduced in June 2018 and was initially praised for its design, features and...
This Week in Security News: Consumer Data and Malware
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn what security issues and critical threats will impact consumer data this year. Also, learn about a malicious Adobe app targeting macOS...
EU Recalls Children's Smartwatch That Leaks Location Data
UPDATE The European Commission has issued a recall for a popular smartwatch for children, citing “serious” privacy issues that could allow a bad actor to track or communicate with kids remotely. The issues exist in Safe-KID-One, an IoT watch made by German company Enox Group that allows parents t...
Shoddy security of popular smartwatch lets hackers access your child’s location
By Waqas Smartwatches are generally considered safe to keep track of your kids when they are outside the home. However, there is a scary new revelation about this seemingly reliable gadget that it is possible to hack GPS-enabled smartwatches. Probably a majority of children wear smartwatches thes...
HPSBGN03565 rev.1 - Unsecure (http) Transactions in Isaac Mizrahi Smartwatch Mobile App
Potential Security Impact Potential theft of credentials and UI hijack Source: HP, HP Product Security Response Team PSRT Reported by: Jerry Decime VULNERABILITY SUMMARY A potential security vulnerability caused by the use of unsecure http transactions during login has been identified with early...
Kernel Security Bypass Vulnerability in Multiple Apple Products (CNVD-2018-00179)
Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. macOS High Sierra is a specialized operating system developed for Mac computers. tvOS is a smart TV operating system. watchOS is a smart watch operating system...
Pebble Smartwatch Device Spoofing Vulnerability
Pebble Smartwatch devices is a smartwatch from the American company Pebble. A security vulnerability exists in Pebble Smartwatch devices version 4.3 and earlier, which stems from the program's failure to properly handle UUID storage. An attacker can read arbitrary application flash memory and...
Code injection
Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary...
CVE-2016-10702
Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary...
CVE-2016-10702
Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary...
CVE-2016-10702
Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an arbitrary application's JavaScript instance, by modifying a UUID value within the header of a crafted application binary...
CVE-2016-10702
Pebble Smartwatch devices (firmware up to 4.3) expose a vulnerability where UUID storage is mishandled, allowing an attacker to modify the header UUID of a crafted application binary. This can enable reading an arbitrary application’s flash storage and accessing the corresponding JavaScript insta...
Unspecified Vulnerability in Kernel Component of Multiple Apple Products
Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. macOS High Sierra is a specialized operating system developed for Mac computers. tvOS is a smart TV operating system. watchOS is a smart watch operating system...