Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS...
The vulnerability of the UPnP SUBSCRIBE Message Handler component in the wireless access points from D-Link, such as the DAP-1650, allows a hacker to execute arbitrary commands.
The vulnerability in the UPnP SUBSCRIBE Message Handler component of the D-Link DAP-1650 wireless access point is related to improper input validation. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using specially crafted data...
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore
Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. "This enhanced fraud protection will analyze and automatically block the installation of apps that...
how-to-play-reggae.com Cross Site Scripting vulnerability OBB-3849670
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from...
D-Link DAP-1650 Command Injection Vulnerability
The D-Link DAP-1650 is a WiFi range extender from China AUO D-Link. A security vulnerability exists in the D-Link DAP-1650 that originates from a command injection vulnerability when processing UPnP SUBSCRIBE messages...
kernel: HID: betop: check shape of output reports
In the Linux kernel, the following vulnerability has been resolved: HID: betop: check shape of output reports. betopff_init only checks the total sum of the report counts for each report field to be at least 4, but hid_betopff_play expects 4 report fields. A device advertising an output report with o...
PT-2024-1619 · D Link · D-Link Dap-1650
Name of the Vulnerable Software and Affected Versions: D-Link DAP-1650 (affected versions not specified). Description: A command injection issue exists when handling UPnP SUBSCRIBE messages, allowing an unauthenticated attacker to gain command execution on the device as root. The vulnerability is...
Malicious code in tata-play-web (npm)
Source: ossf-package-analysis 867763daffba0b82c690fe9281aba9d22b6e1610b024ef7ee0fbf233160d8a36 The OpenSSF Package Analysis project identified 'tata-play-web' @ 2.0.0 (npm) as malicious. It is considered malicious because: - The package...
MAL-2023-8736 Malicious code in tata-play-web (npm)
Source: ossf-package-analysis 867763daffba0b82c690fe9281aba9d22b6e1610b024ef7ee0fbf233160d8a36 The OpenSSF Package Analysis project identified 'tata-play-web' @ 2.0.0 (npm) as malicious. It is considered malicious because: - The package...
FBI issues advisory over Play ransomware
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) have released a joint Cybersecurity Advisory (CSA) about Play ransomware. According to the FBI, Play made around 300 victims...
Play Ransomware A Global Threat Impacting Businesses
Summary: The Play ransomware group, active since June 2022, employs a double-extortion model, impacting businesses globally. Utilizing legitimate tools for malicious activities, the group has affected approximately 300 entities. Threat Level - Red | Attack Report For a detailed threat advisory,...
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide
The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S. "Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating dat...
FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware
Today, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) released a joint Cybersecurity Advisory (CSA), StopRansomware: Play Ransomware, to disseminate Play ransomware...
SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users
Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. "Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans...
The vulnerability of the CAP_SYS_ADMIN mode of the interactive platform for studying containerization in Play With Docker (PWD) allows a hacker to elevate their privileges and escape from an isolated environment.
The vulnerability of the CAP_SYS_ADMIN mode of Play With Docker (PWD), the interactive platform for studying containerization, involves deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to elevate their privileges and escape from an isolated environment...
IT threat evolution in Q3 2023. Mobile statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures Accordin...
Nothing Chats pulled from Google Play
Sometimes it’s all in the name. The Nothing Chats beta has been pulled from the Google Play Store after reports that the company behind it has access to your unencrypted messages. Nothing Phone 2 owners were promised a first-of-its-kind app developed in partnership with Sunbird, which allowed the...
Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed by Adlumin has revealed. "The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the...
Student discount: Get 50% off Malwarebytes
Technology is now an indispensable part of student life, used for everything from socialising and calling home, to writing and researching essays. Unfortunately, that makes students taking their first steps into adult life a prime target for cybercrime. But how can you be sure the Wi-Fi network...