Lucene search
K

199 matches found

Prion
Prion
added 2019/11/14 5:15 p.m.10 views

Input validation

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.8. This app contains an exported service named...

7.2CVSS7.5AI score0.00332EPSS
Exploits0References1
Prion
Prion
added 2019/11/14 5:15 p.m.16 views

Input validation

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

7.2CVSS7.5AI score0.00332EPSS
Exploits0References1
Prion
Prion
added 2019/11/14 5:15 p.m.21 views

Input validation

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service name...

9.3CVSS7.8AI score0.01066EPSS
Exploits0References1
Prion
Prion
added 2019/11/14 5:15 p.m.13 views

Input validation

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

7.2CVSS7.5AI score0.00387EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/14 4:25 p.m.25 views

CVE-2019-15389

The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service named...

8AI score0.01066EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/14 4:25 p.m.27 views

CVE-2019-15388

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service name...

8AI score0.01066EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/14 4:24 p.m.29 views

CVE-2019-15351

The Tecno Camon Android device with a build fingerprint of TECNO/H622/TECNO-ID5b:8.1.0/O11019/G-180829V31:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...

7.6AI score0.00387EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/14 4:24 p.m.26 views

CVE-2019-15350

The Tecno Camon Android device with a build fingerprint of TECNO/H622/TECNO-ID5b:8.1.0/O11019/G-180829V31:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...

7.6AI score0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/14 4:24 p.m.27 views

CVE-2019-15348

The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service named...

7.6AI score0.00387EPSS
Exploits0References1
CVE
CVE
added 2019/11/14 4:24 p.m.38 views

CVE-2019-15348

CVE-2019-15348 affects Tecno Camon Android devices that include a pre-installed platform app com.lovelyfont.defcontainer (FontCoverService). The exported service allows any co-located app to pass arbitrary shell-script commands to be executed as the system user when triggered via a logcat message...

7.8CVSS7.5AI score0.00387EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/14 4:24 p.m.28 views

CVE-2019-15346

The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

7.6AI score0.00332EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/11/06 4:26 p.m.64 views

DarkUniverse APT Emerges to Deliver Sophisticated, Targeted Spy Attacks

A sophisticated espionage APT that was active for at least eight years before receding into the shadows has been uncovered — and researchers said that it may still be active. In April 2017, ShadowBrokers published one of their many leaks of cyberweapons used by the National Security Agency NSA an...

0.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/09/24 3:16 p.m.123 views

Dtrack RAT is Behind Virulent ATM-Espionage Campaign

An espionage malware called Dtrack – and a related variant, ATMDtrack – has been traced back to the notorious North Korea-linked Lazarus Group APT. Both have been identified this month targeting victims in India. According to researcher Konstantin Zykov of Kaspersky, researchers first uncovered...

0.7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/09/09 7:2 p.m.51 views

PsiXBot Adds PornModule, Google DNS Service to Its Arsenal

The PsiXBot malware has made a few changes in recent weeks, including implementing Google’s DNS over HTTPS DoH and adding the blackmail-ready “PornModule” to its bag of tricks. PsiXBot is a multi-use Windows malware that has a range of capabilities, including keylogging, stealing passwords and...

1.3AI score
Exploits0References5
Securelist
Securelist
added 2019/08/29 2:0 p.m.555 views

Fully equipped Spying Android RAT from Brazil: BRATA

"BRATA" is a new Android remote access tool malware family. We used this code name based on its description - "Brazilian RAT Android". It exclusively targets victims in Brazil: however, theoretically it could also be used to attack any other Android user if the cybercriminals behind it want to. I...

7.5CVSS0.39166EPSS
Exploits0
ThreatPost
ThreatPost
added 2019/08/20 3:9 p.m.59 views

Adwind Spyware-as-a-Service Attacks Utility Grid Operators

A phishing campaign that spoofs a PDF attachment to deliver Adwind spyware has been taking aim at national grid utilities infrastructure. Adwind, a.k.a. JRAT or SockRat, is being used in a malware-as-a-service model in this campaign, researchers said. It offers a full cadre of info-gathering...

7.5AI score
Exploits0References6
The Hacker News
The Hacker News
added 2019/07/10 12:29 p.m.86 views

Powerful FinSpy Spyware Found Targeting iOS and Android Users in Myanmar

One of the most powerful, infamous, and advanced piece of government-grade commercial surveillance spyware dubbed FinSpy—also known as FinFisher—has been discovered in the wild targeting users in Myanmar. Created by German company Gamma International, FinSpy is spying software that can target...

0.1AI score
Exploits0
Talos Blog
Talos Blog
added 2019/06/14 9:58 a.m.142 views

Threat Roundup for June 7 to June 14

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 07 and June 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

7.9AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/06/13 10:36 a.m.222 views

Covert Keylogging: Sniping your Typing

There have been many attempts at making key logging devices or software over the years, however, whilst a DIY solution is usually made from large Raspberry Pi devices or Arduino boards, the KeyLogger PRO offering from Maltronics has raised a few eyebrows with regards to the wealth of features...

6.7AI score
Exploits0
CVE
CVE
added 2019/06/07 8:4 p.m.225 views

CVE-2019-12505

CVE-2019-12505 affects Inateck WP1001 wireless presenter (Rev. v1.3C). The issue arises from unencrypted and unauthenticated data communication over the 2.4 GHz link, enabling a remote attacker to perform keystroke injection and send arbitrary keystrokes to a victim’s computer when the target is ...

8.8CVSS8.9AI score0.01333EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder