28 matches found
CVE-2024-54147
Altair is a GraphQL client for all platforms. Prior to version 8.0.5, Altair GraphQL Client's desktop app does not validate HTTPS certificates allowing a man-in-the-middle to intercept all requests. Any Altair users on untrusted networks eg. public wifi, malicious DNS servers may have all GraphQL...
A week in security (June 12 - 18)
Last week on Malwarebytes Labs: MOVEit discloses THIRD critical vulnerability Fake security researchers push malware files on GitHub LockBit ransomware advisory from CISA provides interesting insights Microsoft fixes six critical vulnerabilities in June Patch Tuesday Update Chrome now! Google fix...
Public and free WiFi: Can I safely use it?
We've got into the habit of expecting internet access wherever we go. But data costs can be expensive, and out of your own home often the only WiFi available is public, passwordless and free. In security, we've been trained to carefully contemplate anything that's free, because, well, often when...
3 reasons to use a VPN
There are many good reasons to use a Virtual Private Network VPN, even if you are just casually scrolling. Privacy is a right that is yours to value and defend, and if you want to increase your online privacy then a VPN is one of the possible solutions. A VPN works like this: When youre connected...
Are you still using public Wi-Fi without a VPN?
Security Are you still using public Wi-Fi without a VPN? Share October 14th, 2022 Hi readers, October is Cybersecurity Awareness Month and the focus is on you, the user. All the privacy and security features in the world are worth nothing if we ourselves don’t apply some best practices to our...
Talos Takes Ep. #77: How to connect to (and safely use) public WiFi
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Whenever we walk into a bar or restaurant, it's almost a given that we're going to ask the bartender or server:... This is...
Design/Logic Flaw
MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability in the session handling of the password authentication parameter of the wifi photo transfer module. This vulnerability allows attackers with network access privileges or on public wifi networks to re...
EFB Safety Advice for Pilots
As a pilot you will be all too aware of how important an electronic flight bag EFB is to you and your role. It’s probably critical to your takeoff performance calculations, your roster, pax lists and plenty more. It’s one thing if its not working, but have you ever stopped to consider what could...
Why you need to trust your VPN: Lock and Code S02E05
This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we speak to Malwarebytes senior security researcher JP Taggart about the importance of trusting your VPN. Youve likely heard the benefits of using a VPN: You can watch TV shows restricted ...
CVE-2019-17356
The Infinite Design application 3.4.12 for Android sends a username and password via TCP without any encryption during login, as demonstrated by sniffing of a public Wi-Fi network...
WiFi Protection in Public Places
WiFi Internet has added much convenience to our daily lives, with its easy accessibility in public places such as restaurants, hotels, and cafes; malls, parks, and even in airplanes, where we can connect online for faster transactions and communication. Like any online technology, however, it’s...
Hackuna - The First Mobile App to Track Hackers
Cryptors, a cyber security company, invented a mobile app called HACKUNA Anti-Hack that can block and detect these WiFi hackers. The exciting part here is, you can also track the hackers within the area. It will give you all the details you need to find the hacker within the area or to report it ...
Quick look your right eyes and ears while using public WiFi network
By Waqas Research has revealed that public WiFi networks are more dangerous This is a post from HackRead.com Read the original post: Quick look your right eyes and ears while using public WiFi network...
10 tips for safe online shopping on Cyber Monday
Shoppers familiar with the Cyber Monday circus know they’re stepping into the lion’s den. The Internet has always been a lawless place, but it becomes particularly rough during the holiday shopping season. In preparation for the frenzy, cyber villains have crafted a virtual onslaught of social...
7 tips to stay cyber safe this summer
You’ve probably already seen the back-to-school ads on TV and rolled your eyes a little bit. We’re with you: There’s still plenty of summer left. That’s why we want to remind you about some of the cybersecurity pitfalls you might encounter during the remainder of the summer season. Whether you’re...
Space Coast Credit Union SCCU Mobile for Android and iPhone fails to properly validate SSL certificates
Overview Space Coast Credit Union SCCU Mobile for Android, version 2.1.0.1104 and earlier, and for iOS, version 2.2 and earlier, fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle MITM attacks. Description CWE-295:...
Design Vulnerability in Baidu Moplus SDK (WormHole Vulnerability)
The Moplus SDK is a public development kit developed in-house by Baidu, which is integrated into numerous Android applications. The "WormHole" vulnerability exists in Baidu's Moplus SDK, which is mainly used to enhance the expansion of Baidu's search engine in smart terminals, and to realize the...
MiTo Xiu Xiu, the gReader, the Foxit PDF reader in the column: 1 4, of Android apps vulnerable to MiTM attacks-vulnerability warning-the black bar safety net
! AppBugs company researchers through the analysis found that there are 1 4 Total Total Download amount up to 8 million times the popular APP in processing social account login when there is a security risk, vulnerable to MiTM hijacking(MITM attack is. Problem application list MeituPic MiTo Xiu...
RouterCheck - Android app for ensure the safety of your Router
RouterCheck is a system for ensuring the well-being of your router and home network. It’s offered as a smartphone app, but is far more than just a simple smartphone app. RouterCheck communicates with a powerful server that helps to check whether your router is vulnerable to any of the latest...
Apple Fixes Proxy Manipulation Vulnerability in iOS 8.3
If left unpatched, one of the vulnerabilities fixed in this week’s iOS update could render an iPhone near useless. If triggered, it could cause networking apps to quit, the system to grind to a halt. In some cases, the device wouldn’t even be able to be rebooted. The vulnerability, nicknamed...