Lucene search
K

48 matches found

CVE
CVE
added 2020/10/15 12:40 p.m.42 views

CVE-2020-7744

CVE-2020-7744 affects all versions of the com.mintegral.msdk:alphab component in the Android Mintegral SDK. Connected sources describe a malicious module that monitors downloads from Google domains or Google apps and from APKs, then exfiltrates the captured data to Mintegral’s servers, continuing...

4.7CVSS4.6AI score0.00847EPSS
Exploits0References3Affected Software1
ThreatPost
ThreatPost
added 2020/10/06 3:16 p.m.43 views

COVID-19 Clinical Trials Slowed After Ransomware Attack

A ransomware attack has hit eResearchTechnology, a medical software company that supplies pharma companies with tools for conducting clinical trials – including trials for COVID-19 vaccines. The attackers could be financially motivated — or could be backed by a nation-state looking to gain...

0.8AI score
Exploits0References8
Github Security Blog
Github Security Blog
added 2020/09/02 8:28 p.m.21 views

Malicious Package in reqquest

All versions of reqquest typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process...

3.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/02 8:20 p.m.26 views

Malicious Package in experss

All versions of experss typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process w...

3.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/02 6:36 p.m.19 views

Malicious Package in asyync

All versions of asyync typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process wa...

4.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/02 6:35 p.m.24 views

Malicious Package in asynnc

All versions of asynnc typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process wa...

4AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/02 6:31 p.m.32 views

Malicious Package in jajajejejiji

All versions of jajajejejiji typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...

4AI score
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2019/12/04 2:0 p.m.130 views

EFF Talks the Corporate Surveillance of Consumers

You can’t protect your privacy if you don’t know how it’s being violated. That’s the essence of a report by the Electronic Frontier Foundation that shines a bright disinfecting light on how corporations are collecting data on consumers. Think Facebook-like data collection on steroids and you begi...

6AI score
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/07/23 12:0 a.m.4 views

The vulnerability of the data tracking utility’s peekfd function, caused by segmentation errors, allows a hacker to trigger a service failure.

The vulnerability of the data tracking utility’s peekfd function is caused by segmentation errors. Exploiting this vulnerability can allow an attacker to cause a service failure in the application by entering a specially crafted sequence of data in the command line...

4CVSS5.5AI score
Exploits0Affected Software1
Schneier on Security
Schneier on Security
added 2019/06/25 11:35 a.m.97 views

iPhone Apps Surreptitiously Communicated with Unknown Servers

Long news article alternate source on iPhone privacy, specifically the enormous amount of data your apps are collecting without your knowledge. A lot of this happens in the middle of the night, when you're probably not otherwise using your phone: IPhone apps I discovered tracking me by passing...

0.5AI score
Exploits0
Node.js
Node.js
added 2019/05/30 7:8 p.m.12 views

Malicious Package

Overview All versions of saync typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...

6.6AI score
Exploits0Affected Software1
Node.js
Node.js
added 2019/05/30 7:8 p.m.16 views

Malicious Package

Overview All versions of reqest typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...

6.6AI score
Exploits0Affected Software1
Node.js
Node.js
added 2019/05/06 2:17 p.m.17 views

Malicious Package

Overview All versions of reques typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...

6.6AI score
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2019/02/20 8:10 p.m.59 views

Apple's Shazam App Boots Facebook Ads and Other Third-Party SDKs

Shazam, the handy app that uses audio recognition to tell you what song is playing over any given set of speakers, has reportedly eliminated all third-party software developer kits SDKs in its iOS version except for one: HockeyApp. Apple, which bought the startup for $400 million last year, has...

6.6AI score
Exploits0References7
FireEye
FireEye
added 2018/12/12 5:30 p.m.18 views

FLARE Script Series: Automating Objective-C Code Analysis with Emulation

This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering FLARE team Script Series. Today, we are sharing a new IDAPython library – flare-emu – powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x8664, ARM, and...

6.5AI score
Exploits0References10
FireEye
FireEye
added 2018/12/12 12:30 p.m.15 views

FLARE Script Series: Automating Objective-C Code Analysis with Emulation

This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering FLARE team Script Series. Today, we are sharing a new IDAPython library – flare-emu – powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x8664, ARM, and...

6.1AI score
Exploits0
HackRead
HackRead
added 2018/09/17 3:18 p.m.57 views

Safari & Firefox browser to block user data tracking with new security add-ons

By Waqas Apple has been trying hard to improve the security mechanisms of its hardware and software products. The addition of new privacy features in Safari browser is yet another attempt to toughen security measures for preventing breaches and tracking by websites like Facebook. It is a well-kno...

1.4AI score
Exploits0
The Hacker News
The Hacker News
added 2018/09/03 5:6 p.m.1 views

Google Secretly Tracks What You Buy Offline Using Mastercard Data

Over a week after Google admitted the company tracks users' location even after they disable location history, it has now been revealed that the tech giant has signed a secret deal with Mastercard that allows it to track what users buy offline. Google has paid Mastercard millions of dollars in...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2016/02/10 2:21 a.m.15 views

Windows 10 Sends Your Data 5500 Times Every Day Even After Tweaking Privacy Settings

Myth: By disabling all privacy compromising and telemetry features on Windows 10 will stop Microsoft to track your activities. Fact: Even after all telemetry features disabled, Windows 10 is phoning home more than you could ever think of. Ever since the launch of Microsoft's newest operating...

6.5AI score
Exploits0
myhack58
myhack58
added 2015/11/26 12:0 a.m.29 views

Chrome third-party extensions to be exposed can record private information and sell it-vulnerability warning-the black bar safety net

The Swedish security firm Detectify Labs currently represents some of the Chrome extension app will track The user's Internet history, and even also includes Facebook Connect and privacy of the access token, is connected to a private Dropbox and Google Drive file link. Affect a wide range is not...

0.2AI score
Exploits0
Rows per page
Query Builder