27 matches found
SafePay Ransomware: TTPs and Defense Strategies
When a threat actor disables your security software and starts deleting your backups, you’re already in the middle of a crisis. The operators behind SafePay ransomware are known for these exact tactics, deliberately sabotaging your ability to respond and recover. Catching an attack like this earl...
EUVD-2025-26826
Malicious code in bioql PyPI...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
CVE-2025-48523 targets Android: the issue occurs in onCreate of SelectAccountActivity.java and allows adding contacts without the required permission due to a logic error. This enables local escalation of privilege with no additional execution privileges and without user interaction. Impact is de...
ASB-A-388032224
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from a security issue in the AccountActivity of the Galaxy Store applicatio...
Google Android 代码问题漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by insecure deserialization when running ChooseTypeAndAccountActivity.java. An attacker can exploit the vulnerability to gain elevated...
CVE-2022-20501
In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...
Twitter API Flaw Exposed Users Messages to Wrong Developers For Over a Year
The security and privacy issues with APIs and third-party app developers are something that's not just Facebook is dealing with. A bug in Twitter's API inadvertently exposed some users' direct messages DMs and protected tweets to unauthorized third-party app developers who weren't supposed to get...
Twitter API Flaw Exposed Users Messages to Wrong Developers For Over a Year
The security and privacy issues with APIs and third-party app developers are something that's not just Facebook is dealing with. A bug in Twitter's API inadvertently exposed some users' direct messages DMs and protected tweets to unauthorized third-party app developers who weren't supposed to get...
Here's How SIEM Can Protect Your Privileged Accounts in the Enterprise
It’s inevitable. Most security threats eventually target privileged accounts. In every organization each user has different permissions, and some users hold the metaphorical keys to your IT kingdom. If the privileged accounts get compromised, it can lead to theft or sabotage. Because these accoun...
WordPress Plugin All In One WP Security & Firewall admin/wp-security-list-acct-activity.php SQL Injection Vulnerability
WordPress is a set of blogging platform developed in PHP language by WordPress Software Foundation, which supports setting up personal blog sites on servers with PHP and MySQL.All In One WP Security & Firewall Plugin for WordPress is a Wordpress Security Plugin. The All In One WP Security &...
Microsoft Protects User Accounts with New Security Features
Microsoft announced yesterday that it will complement the two-factor authentication it enabled for account holders in April with additional security features designed to deny account hijacking and unauthorized access. Windows PC and mobile users, along with Outlook, SkyDrive, Xbox, Skype and othe...
Threat Outbreak Alert: Fake Account Fraud Alert Email Messages on November 21, 2013
Medium Alert ID: 31852 First Published: 2013 November 22 18:36 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an irregular account activity notification for the recipient. The text in the email message attempts to...
Bank Fraud Suspects Net $1M in Citibank Casino Scheme
Fourteen individuals were charged late last week after the Federal Bureau of Investigation, along with the Los Angeles Police Department and the Glendale, Calif. Police Department found they were behind a scheme that extracted more than $1 million from Citibank cash-advance kiosks in Southern...