9058 matches found
CVE-2023-39801
A lack of exception handling in the Renault Easy Link Multimedia System Software Version 283C35519R allows attackers to cause a Denial of Service DoS via supplying crafted WMA files when connecting a device to the vehicle's USB plug and play feature...
CVE-2023-39801
A lack of exception handling in the Renault Easy Link Multimedia System Software Version 283C35519R allows attackers to cause a Denial of Service DoS via supplying crafted WMA files when connecting a device to the vehicle's USB plug and play feature...
Design/Logic Flaw
A lack of exception handling in the Renault Easy Link Multimedia System Software Version 283C35519R allows attackers to cause a Denial of Service DoS via supplying crafted WMA files when connecting a device to the vehicle's USB plug and play feature...
Years into these games’ histories, attackers are still creating “Fortnite” and “Roblox”-related scams
Welcome to this weeks edition of the Threat Source newsletter. I have no idea how "Fortnite" keeps coming up in this newsletter, but here we are again. Even though the game/metaverse has never been bigger, it had been a while since I had heard about "V-Bucks" scams. V-Bucks are the in-game virtua...
CVE-2023-39801
A lack of exception handling in the Renault Easy Link Multimedia System Software Version 283C35519R allows attackers to cause a Denial of Service DoS via supplying crafted WMA files when connecting a device to the vehicle's USB plug and play feature...
The vulnerability of NETGEAR RAX30 network interface cards’ UPnP microprogramming service allows a hacker to execute arbitrary code.
The vulnerability of NETGEAR RAX30 microprogrammed software routing devices stems from the lack of measures taken to sanitize data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2023-39801
A lack of exception handling in the Renault Easy Link Multimedia System Software Version 283C35519R allows attackers to cause a Denial of Service DoS via supplying crafted WMA files when connecting a device to the vehicle's USB plug and play feature...
PT-2023-27110 · Renault · Renault Easy Link Multimedia System
Name of the Vulnerable Software and Affected Versions: Renault Easy Link Multimedia System Software version 283C35519R Description: The issue is related to a lack of exception handling in the software, allowing attackers to cause a Denial of Service DoS by supplying crafted WMA files when...
Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware
A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," Cybersecurity firm Cyfirma said in a...
Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection
Threat actors are using Android Package APK files with unknown or unsupported compression methods to elude malware analysis. That's according to findings from Zimperium, which found 3,300 artifacts leveraging such compression algorithms in the wild. 71 of the identified samples can be loaded on t...
Android Security Bulletin—August 2023Stay organized with collectionsSave and categorize content based on your preferences.
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2023-08-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor
Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign. The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell. Patchwork, also...
New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data
A new Android malware strain called CherryBlos has been observed making use of optical character recognition OCR techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal...
Ubiquiti EdgeRouters 缓冲区错误漏洞
Ubiquiti EdgeRouters is a series of edge routers from Ubiquiti USA. A security vulnerability exists in Ubiquiti EdgeRouters and Aircubes that stems from the presence of a heap overflow vulnerability that allows a malicious actor to interrupt UPnP services on the device...
Triada Malware Infects Android Devices via Fake Telegram App
By Waqas Fortunately, the infected version of Telegram carrying Triada malware is being distributed through third-party stores rather than the official Google Play Store. This is a post from HackRead.com Read the original post: Triada Malware Infects Android Devices via Fake Telegram App...
Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China
Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China. Pradeo, a leading mobile...
Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China
Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China. Pradeo, a leading mobile...
Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing
Researchers have issued a warning about an emerging and advanced form of voice phishing vishing known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from...
Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing
Researchers have issued a warning about an emerging and advanced form of voice phishing vishing known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from...
China-Linked Spyware Found in Google Play Store Apps, 2m Downloads
By Waqas Mobile security solutions provider Pradeos security researchers have shared details of the spyware they discovered hiding on the… This is a post from HackRead.com Read the original post: China-Linked Spyware Found in Google Play Store Apps, 2m Downloads...