EUVD-2022-3493

Malicious code in bioql PyPI...

CVE-2019-10379

Jenkins Google Cloud Messaging Notification Plugin 1.0 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2022-22302

A clear text storage of sensitive information CWE-312 vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet privat...

Information disclosure

A clear text storage of sensitive information CWE-312 vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet privat...

CVE-2022-22302

A clear text storage of sensitive information CWE-312 vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet privat...

PT-2023-1501 · Fortinet · Fortiauthenticator +2

Name of the Vulnerable Software and Affected Versions: FortiGate versions 6.0.0 through 6.0.13 FortiGate versions 6.2.0 through 6.2.9 FortiGate versions 6.4.0 through 6.4.1 FortiAuthenticator version 5.5.0 FortiAuthenticator versions 6.0 FortiAuthenticator versions 6.1 Description: A clear text...

GHSA-C3R5-VXJ6-62MC Jenkins Google Cloud Messaging Notification Plugin stores credentials in plain text

Jenkins Google Cloud Messaging Notification Plugin 1.0 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

Jenkins Google Cloud Messaging Notification Plugin stores credentials in plain text

Jenkins Google Cloud Messaging Notification Plugin 1.0 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

Google Firebase cloud messaging abused to spread Android malware

By Waqas Dubbed Firestarter by researchers; the Android malware campaign is exploiting the Kashmir issue between India and Pakistan but its target remains the Pakistani government, noted Cisco Talos researchers. Cisco Talos researchers have discovered that the APT threat group DoNot exploits...

Design/Logic Flaw

Jenkins Google Cloud Messaging Notification Plugin 1.0 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

CVE-2019-10379

CVE-2019-10379 affects the Jenkins Google Cloud Messaging Notification Plugin (version 1.0 and earlier). The root cause is that credentials are stored unencrypted in the plugin’s global configuration file on the Jenkins master, enabling access by users with master filesystem access. Connected doc...

The Rotexy mobile Trojan – banker and ransomware

On the back of a surge in Trojan activity, we decided to carry out an in-depth analysis and track the evolution of some other popular malware families besides Asacub. One of the most interesting and active specimens to date was a mobile Trojan from the Rotexy family. In a three-month period from...

How to Safely Remove Android Traybar Icon in XenMobile

This article describes how to safely remove Android traybar icon in XenMobile. Background XenMobile has a lot of great policies to manageyour users' mobile devices. I'm going to discuss one in particular that can be a little tricky. We'll be updating our documentation to cover this in a bit more...

Flappy Bird app clones send text messages to Premium Number

Flappy Bird, developed by a 29-year old, Dong Nguyen, was one of the top free gaming apps of the last month, but now officially unavailable for users. After achieving income of $50,000 per day in advertising revenue, Dong Nguyen pulled out Flappy Bird gaming app from all the web app stores and no...

Android Malware uses Google Cloud Messaging Service; infected over 5 Million Devices

The Kaspersky Lab researchers recently have discovered a number of Android malware apps are abusing the Google Cloud Messaging Service GCM as Command and Control server. The GCM service allows Android app developers to send messages using JSON Format for installed apps, but hackers exploited it f...

Android Malware uses Google Cloud Messaging Service; infected over 5 Million Devices

The Kaspersky Lab researchers recently have discovered a number of Android malware apps are abusing the Google Cloud Messaging Service GCM as Command and Control server. The GCM service allows Android app developers to send messages using JSON Format for installed apps, but hackers exploited it f...

Android Malware Found Exploiting Google Cloud Messaging Service

Researchers have discovered a number of malicious Android apps are using Google’s Cloud Messaging service and leveraging it as a command and control server to carry out attacks. A post on Securelist today by Kaspersky Lab’s Roman Unuchek, breaks down five Trojans that have been spotted checking i...