MeetMe 安全漏洞

MeetMe is a dating software from MeetMe, Inc. A security vulnerability exists in MeetMe version 2.2.5 and prior versions, which stems from insecure storage of sensitive information and could lead to the retrieval of embedded sensitive data...

Dating app scammer cons former US army colonel into leaking national secrets

Even hard-headed military types can fall victim to romance scams, it seems. A former US army colonel faces up to ten years in prison after revealing national secrets on a foreign dating app. David Slater was a retired colonel in the US army who took up work as a civilian at US Strategic Command,...

A week in security (May 4 – May 10)

Last week on Malwarebytes Labs: The AI chatbot cop squad is here Lock and Code S06E09 Android fixes 47 vulnerabilities, including one zero-day. Update as soon as you can! "Your privacy is a promise we don’t break": Dating app Raw exposes sensitive user data FBI issues warning as scammers target...

Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App

The threat actor known as Arid Viper aka APT-C-23, Desert Falcon, or TAG-63 has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. "Arid Viper's Android malware has a number of featur...

Arid Viper disguising mobile spyware as updates for non-malicious Android applications

Since April 2022, Cisco Talos has been tracking a malicious campaign operated by the espionage-motivated Arid Viper advanced persistent threat APT group targeting Arabic-speaking Android users. In this campaign, the actors leverage custom mobile malware, also known as Android Package files APKs, ...

WhosHere Plus. Trilateration vulnerability

WhosHere Plus is a dating app that uses GPS data to recommend users near to each other, based on similar interests. PTP constantly researches the state of privacy and security in apps that use GPS data, because the consequences of poor security and privacy are alarming: Tracking and snooping on a...

5 ways to avoid being catfished

Today, many Americans will head out to the water—not to swim, but to catch a catfish in time for National Catfish Day. But when we talk about catfishing in cybersecurity, we mean something different. Here, catfishing refers to someone who assumes someone elses identity online in order to harass,...

Belloo 权限许可和访问控制问题漏洞

Belloo, a "high quality" dating software from Belloo, is vulnerable to permission and access control issues due to a weak password reset mechanism in requestsuser.php, which could be exploited to bypass authentication vulnerabilities and take over an account...

Top Japanese dating app Omiai hacked; 1.71 million users at risk

By Habiba Rashid Hackread.com can confirm that threat actors on several hacker forums are already hunting for stolen Omiai database. This is a post from HackRead.com Read the original post: Top Japanese dating app Omiai hacked; 1.71 million users at risk...

The US Military Buys Commercial Location Data

Vice has a long article about how the US military buys commercial location data worldwide. The U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned. The most popular app among a group Motherboard analyzed...

Vulnerability in Bumble dating app risked data of 100 million users

By Sudais Asif It took Bumble 255 days to respond and fix some of the vulnerabilities reported by the researcher. This is a post from HackRead.com Read the original post: Vulnerability in Bumble dating app risked data of 100 million users...

Denial of Service Vulnerability in Stray Sound App

Stranger Sound APP is a dating app that singles are playing. A denial of service vulnerability exists in Stranger Sound APP, which can be exploited by attackers to cause the app to crash...

OkCupid Security Flaw Threatens Intimate Dater Details

Researchers have discovered a slew of issues in the popular OkCupid dating app, which could have allowed attackers to collect users’ sensitive dating information, manipulate their profile data or even send messages from their profile. OkCupid is one of the most popular dating platforms worldwide,...

Beijing Mo Yan Ju Ke Culture Communication Co. pat dating app has denial of service vulnerability

Pat Dating app is a new social chat dating application. Pat Dating app has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service vulnerability...

Apple iPhone Users Bombarded with Bogus Dating App for Valentine's Day

A malicious email campaign aimed at iPhone owners is making the rounds this week, using a bouquet of different themes to scam victims, just in time for Valentine’s Day – including a fake dating app. The gambit begins far afield from romance however, with an email from “Nerve Renew,” claiming to...

New Research on the Adtech Industry

The Norwegian Consumer Council has published an extensive report about how the adtech industry violates consumer privacy. At the same time, it is filing three legal complaints against six companies in this space. From a Twitter summary: 1. thread We are filing legal complaints against six...

Dating App Jack'd Fined After Leaking Users' Nude Pics

LGBTQ dating app Jack’d must cough up a $240,000 fine and “make substantial changes to improve security” on the heels of a security faux pas that leaked the private data – including nude photos – of thousands of its users. Jack’d is a popular location-based app that caters to gay and bisexual men...

Apple Data Downloads, A Dating App for Trump Fans, and More Security News This Week

North Korean bitcoin theft, Fake FCC complaints, and more security news this week...

loveU dating app has SMS bombing vulnerability

loveU Matchmaking Dating APP is a real-name matchmaking dating software. There is an SMS bombing vulnerability in loveU dating APP. An attacker can exploit the vulnerability to replay the packets sending verification code without limitation and bombard the client with SMS...

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...