259 matches found
GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks
Threat hunters have discovered a new Linux malware called GTPDOOR that's designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges GRX The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol GTP for command-and-control C2 communications. GPRS...
MoqHao Android Malware Evolves with Auto-Execution Capability
Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no...
Incorrect path displayed when click "open file location”
Type "command prompt" in the search box and click "open file location” the path of the roaming profile on the NAS server is displayed...
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. "This malware family is written using the .NET framework and leverages the domain name service DNS protocol to create a covert channel and provide...
CVE-2023-28571
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan...
Information disclosure
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan...
CVE-2023-28571
CVE-2023-28571 describes an information-disclosure flaw in WLAN HOST while processing the WLAN scan descriptor list during roaming scans. Public documents (NVD, Red Hat, PRION, vuln enrichment) consistently refer to information disclosure with CVSS metrics indicating a local attacker with low com...
CVE-2023-28571 Buffer Over-read in WLAN HOST
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan...
CVE-2023-28571 Buffer Over-read in WLAN HOST
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan...
Qualcomm Chip Buffer Error Vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip suffers from a buffer error vulnerability that originates fr...
PT-2023-21820 · Wlan Host · Wlan Host
Name of the Vulnerable Software and Affected Versions: WLAN HOST affected versions not specified Description: The issue is related to information disclosure in the WLAN HOST while it processes the WLAN scan descriptor list during a roaming scan. Recommendations: At the moment, there is no...
IT threat evolution Q1 2023
IT threat evolution in Q1 2023 IT threat evolution in Q1 2023. Non-mobile statistics IT threat evolution in Q1 2023. Mobile statistics Targeted attacks BlueNoroff introduces new methods bypassing MotW At the close of 2022, we reported the recent activities of BlueNoroff, a financially motivated...
Debian: Security Advisory (DLA-387-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K01131113: OpenSSH vulnerabilities CVE-2016-0777 and CVE-2016-0778
Security Advisory Description CVE-2016-0777 The resendbytes function in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a...
Roaming Mantis Malware Returns with DNS Changer Capability
By Deeba Ahmed Roaming Mantis malware was last seen in April 2018 targeting iOS and Android devices with cryptocurrency mining malware but this time, it has new DNS changer capabilities. This is a post from HackRead.com Read the original post: Roaming Mantis Malware Returns with DNS Changer...
Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings
Threat actors associated with the Roaming Mantis attack campaign have been observed delivering an updated variant of their patent mobile malware known as Wroba to infiltrate Wi-Fi routers and undertake Domain Name System DNS hijacking. Kaspersky, which carried out an analysis of the malicious...
Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings
Threat actors associated with the Roaming Mantis attack campaign have been observed delivering an updated variant of their patent mobile malware known as Wroba to infiltrate Wi-Fi routers and undertake Domain Name System DNS hijacking. Kaspersky, which carried out an analysis of the malicious...
Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
Roaming Mantis a.k.a Shaoye is well-known as a long-term cyberattack campaign that uses malicious Android package APK files to control infected Android devices and steal device information; it also uses phishing pages to steal user credentials, with a strong financial motivation. Kaspersky has be...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the DSInternals.Common.Data.RoamedCredential.Save method, which incorrectly parses the msPKIAccountCredentials LDAP attribute values. Consequently, a malicious actor would be able to modify the computer's file...
GHSA-VX2X-9CFF-FHJW DSInternals Credential Roaming Elevation of Privilege Vulnerability
Impact A vulnerability exists in the DSInternals.Common.Data.RoamedCredential.Save method, which incorrectly parses the msPKIAccountCredentials LDAP attribute values. As a consequence, a malicious actor would be able to modify the file system of the computer where an application using this functi...