Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Cross-Site Scripting XSS - Denial-of-Service DoS. - Manipulation of data - Circumvention of security measure - Access to...

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or grant themselves elevated privileges on the device and thus execute arbitrary code, possibly with system privileges and gain access to sensitive data. Successful...

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. A malicious person can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Remote code execution Administrator/Root privileges Access to sensitive data Increased user privileges Successful misuse requires...

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Remote code execution User rights Access ...

Vulnerabilities fixed in Apple macOS, iOS, iPadOS and Safari

Apple has fixed vulnerabilities in macOS Ventura, iOS, iPadOS and Safari for Big Sur and Monterey. A malicious party could exploit vulnerabilities to execute arbitrary code, or to gain access to sensitive data. To execute code with kernel privileges, or to gain access to sensitive data, the...

Hackers Sign Android Malware Apps with Compromised Platform Certificates

Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps. The findings were first discovered and reported by Google reverse engineer Łukasz Siewierski on Thursday. "A platform certificate is the application signing...

Hackers Using New Version of FurBall Android Malware to Spy on Iranian Citizens

The Iranian threat actor known as Domestic Kitten has been attributed to a new mobile campaign that masquerades as a translation app to distribute an updated variant of an Android malware known as FurBall. "Since June 2021, it has been distributed as a translation app via a copycat of an Iranian...

North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims' Crypto

The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance DeFi wallet app to distribute a fully-featured backdoor onto compromised Windows systems. The app,...

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Manipulation of data Circumvention of security measure Remote code execution Administrator/Root rights...

Vulnerabilities found in Apple iOS and iPadOS

A security researcher has found three vulnerabilities in Apple iOS and iPadOS. A malicious party can exploit these vulnerabilities exploit them to gain access to sensitive data. This includes contact data stored on the device and metadata about interactions with these persons. Successful misuse...

CVE-2020-29457

A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection...

CVE-2020-29457

A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection...

Privilege escalation

A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection...

CVE-2020-29457

CVE-2020-29457 reports a Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 that could allow a rogue application to establish a secure connection. Connected sources describe improper certificate validation, enabling connections using invalid certificates, affecting OPC UA...

Vulnerabilities fixed in Citrix Secure Mail

Citrix has fixed vulnerabilities in Citrix Secure Mail. A malicious party can use a rogue app to gain access to the email data and, to a lesser extent, the calendar data stored in the victim's Citrix Secure Mail. The vulnerability is located in Citrix Secure Mail for Android. Citrix Secure Mail f...

Authorization Bypass

openjdk is vulnerable to authorization bypass. It was discovered that OpenType checks can be bypassed. This could allow a rogue application to bypass access restrictions by acquiring references to privileged objects through finalizer resurrection...

New Flaw Lets Rogue Android Apps Access Camera Without Permission

An alarming security vulnerability has been discovered in several models of Android smartphones manufactured by Google, Samsung, and others that could allow malicious apps to secretly take pictures and record videos — even when they don't have specific device permissions to do so. You must alread...

Keen Lab Takes Down iPhone 6S, Nexus 6P, at Mobile Pwn2Own

Hackers identified a series of vulnerabilities in Android and iOS to take down a Google Nexus 6P and an Apple iPhone 6S this week at Mobile Pwn2Own. The mobile version of the popular hacking challenge, put on by Trend Micro and Tipping Point’s Zero Day Initiative, was held in tandem with the...

Rogue Chinese iOS App Removed from App Store

Apple removed an iOS application from its Chinese iTunes App Store that allowed users of non-jailbroken iOS devices to install pirated and jailbroken apps. Researchers at Palo Alto Networks, who discovered the rogue application, said the app was not malicious, but presented a serious security ris...

China is the birth place for most of malicious Android apps

China is the birth place for most of malicious Android apps Mobile malware is rising, and there have been explosions in the world of viruses and Trojans. Virus makers are now targeting mobile platforms- thanks to their growing popularity. If we take the statistics from last 6 months, the chances ...