Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices

Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular applications to serve unwanted ads to users as part of a campaign ongoing since October 2022. "The campaign is designed to aggressively push adware to Android devices with the purpose to dri...

CVE-2023-31893

Telefnica Brasil Vivo Play IPTV Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of Service DoS via DNS Recursion...

Design/Logic Flaw

Telefnica Brasil Vivo Play IPTV Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of Service DoS via DNS Recursion...

Minor update(4) for Vivaldi Android Browser 6.0

Head to the Google Play Store and download the browser. Alternatively, you can download Vivaldi from Uptodown, the Android app store. Your rating for our browser matters. ⭐️ ⭐️ ⭐️ ⭐️ ⭐️ Enjoy! Changelog The following is a list of changes since the third 6.0 stable, minor update : Chromium...

Play ransomware gang compromises Spanish bank, threatens to leak files

Ransomware is creating additional work for a major Spanish bank. Globalcaja, said to have more than 300 offices in Spain and close to half a million customers, has fallen victim to the Play ransomware gang. The gang claim to have swiped both private and personal information in the attack--includi...

PT-2023-23505 · Telefônica Brasil · Telefônica Brasil Vivo Play

Name of the Vulnerable Software and Affected Versions: Telefnica Brasil Vivo Play IPTV Firmware version 2023.04.04.01.06.15 Description: The issue is related to a Denial of Service DoS via DNS Recursion. This means that the system can be made unavailable by exploiting its handling of DNS recursio...

Vivo Play 安全漏洞

Vivo Play is an app from the Chinese company Vivo. for anytime, anywhere access to sports, TV shows, movies, series and on-demand content. A security vulnerability exists in Vivo Play version 2023.04.04.01.06.15, which stems from vulnerability to DNS recursive denial of service DoS attacks...

CVE-2023-31893

Telefnica Brasil Vivo Play IPTV Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of Service DoS via DNS Recursion...

CVE-2023-31893

CVE-2023-31893 affects Telefnica Brasil Vivo Play (IPTV) firmware 2023.04.04.01.06.15, with a vulnerability enabling Denial of Service (DoS) via DNS recursion . The available sources describe the firmware and the DoS vector but do not provide a confirmed patch version or official mitigation. Prac...

CVE-2023-31893

Telefnica Brasil Vivo Play IPTV Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of Service DoS via DNS Recursion...

The vulnerability of the ChangeFriendlyName() function in the IoT device’s microprogramming system of Belkin Smart Outlet V2 F7c063 allows a perpetrator to trigger a service failure.

The vulnerability of the ChangeFriendlyName function in the IoT device’s microprogramming software of Belkin Smart Outlet V2 F7c063 is related to buffer overflow in the stack. Exploiting this vulnerability could allow a malicious actor to trigger a service failure through a specially crafted UPNP...

Netflix’s Password-Sharing Crackdown Has Hit the US

TikTok user data is exposed to Chinese ByteDance employees, a screen recording app goes rogue in Google Play, and privacy groups want Slack to expand encryption...

QueryWall: Plug'n Play Firewall <= 1.1.1 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. PoC 1. Send GET /wp-admin/admin.php?page=querywall=datetimegmt=desc%2cselectfromselectsleep20a 2. See SQL execution...

QueryWall: Plug'n Play Firewall <= 1.1.1 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. 1. Send GET /wp-admin/admin.php?page=querywall&orderby=datetimegmt&order=desc%2cselectfromselectsleep20a 2. See SQL execut...

Data Stealing Malware Discovered in Popular Android Screen Recorder App

Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found to sneak in information stealing capabilities nearly a year after the app was published as an innocuous app. The app APK package name "com.tsoft.app.iscreenrecorder", which accrued...

Data Stealing Malware Discovered in Popular Android Screen Recorder App

Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found to sneak in information stealing capabilities nearly a year after the app was published as an innocuous app. The app APK package name "com.tsoft.app.iscreenrecorder", which accrued...

This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide

A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious operations, posing significant supply chain risks. "The infection turns these devices into mobile proxies, tools for stealing and selling SMS messages,...

CVE-2023-27217

A stack-based buffer overflow in the ChangeFriendlyName function of Belkin Smart Outlet V2 F7c063 firmware2.00.11420.OWRT.PVTSNSV2 allows attackers to cause a Denial of Service DoS via a crafted UPNP request...

CVE-2023-27217

A stack-based buffer overflow in the ChangeFriendlyName function of Belkin Smart Outlet V2 F7c063 firmware2.00.11420.OWRT.PVTSNSV2 allows attackers to cause a Denial of Service DoS via a crafted UPNP request...

Belkin Smart Outlet 缓冲区错误漏洞

Belkin Smart Outlet is a smart outlet from Belkin USA. A security vulnerability exists in Belkin Smart Outlet version V2 that stems from the presence of a stack-based buffer overflow that allows an attacker to cause a denial of service DoS via a crafted UPNP request...