13 matches found
EUVD-2018-5786
Malware in sbrugna...
CVE-2024-20897
Use of implicit intent for sensitive communication in FCM function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information...
Citrix EndPoint Management - Reconfigure your Firebase Cloud Messaging (FCM) in CEM console
As permigration guidance, Google is going to deprecate the FCM legacy APIs for HTTP, which is currently used in our Citrix Endpoint Management CEM FCM implementation. The migration deadline is on June 21, 2024. Customers need to migrate the FCM from legacy FCM API to HTTP v1 API. With the release...
PT-2024-21291 · Unknown · Element Android
Name of the Vulnerable Software and Affected Versions: Element Android versions 0.91.0 through 1.6.12 Description: A third-party malicious application installed on the same phone can force Element Android to share files stored under the files directory in the application's private data directory ...
Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which coined the new malware RambleOn. The malicious functionalities include the...
Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which coined the new malware RambleOn. The malicious functionalities include the...
This Week in Spring - December 6th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you? You know what Ive wanted to do? See my friends on the Spring team in person since the pandemic descended. And, Im overjoyed to relate, Ive just had the privilege of a nice meeting with several of them last night...
Google Firebase cloud messaging abused to spread Android malware
By Waqas Dubbed Firestarter by researchers; the Android malware campaign is exploiting the Kashmir issue between India and Pakistan but its target remains the Pakistani government, noted Cisco Talos researchers. Cisco Talos researchers have discovered that the APT threat group DoNot exploits...
DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
By Warren Mercer, Paul Rascagneres and Vitor Ventura. The newly discovered Firestarter malware uses Google Firebase Cloud Messaging to notify its authors of the final payload location.Even if the command and control C2 is taken down, the DoNot team can still redirect the malware to another C2 usi...
Sql injection
The "Firebase Cloud Messaging FCM + Advance Admin Panel" component supporting Firebase Push Notification on iOS through 2017-10-26 allows SQL injection via the /advancepush/public/login username parameter...
CVE-2018-13850
The "Firebase Cloud Messaging FCM + Advance Admin Panel" component supporting Firebase Push Notification on iOS through 2017-10-26 allows SQL injection via the /advancepush/public/login username parameter...
CVE-2018-13850
The "Firebase Cloud Messaging FCM + Advance Admin Panel" component supporting Firebase Push Notification on iOS through 2017-10-26 allows SQL injection via the /advancepush/public/login username parameter...
Beware! New Android Malware Infected 2 Million Google Play Store Users
Initially thought to be 600,000 users, the number of Android users who have mistakenly downloaded and installed malware on their devices straight from Google Play Store has reached 2 Million. Yes, about 2 Million Android users have fallen victim to malware hidden in over 40 fake companion guide...