4 matches found
A week in security (June 27 – July 3)
Last week on Malwarebytes Labs: Ransomware review: June 2022 AstraLocker 2.0 ransomware isn’t going to give you your files back YTStealer targets YouTube content creators ZuoRAT is a sophisticated malware that mainly targets SOHO routers Amazon Photos vulnerability could have given attackers acce...
Amazon Photos vulnerability could have given attackers access to user files and data
Amazon has patched a flaw in the Amazon Photos app which could have allowed an attacker to steal and use a users unique access token that verifies their identity across multiple Amazon APIs. That would give attackers access to a trove of information, since many of these APIs contain personal data...
Leaky Access Tokens Exposed Amazon Photos of Users
The Amazon Photos app for Android insufficiently protected user access tokens, according to a blog post published on Wednesday. Theoretically, with exposed tokens, an attacker could’ve accessed users’ personal data from a number of different Amazon apps – not just Photos but also, for example,...
Amazon Photos - Cloud Drive - Insecure KeyStore, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Amazon Photos - Cloud Drive published at the 'play' market has multiple vulnerabilities...