Android happy to check your nudes before you forward them

Sometimes the updates we install to keep our devices safe do a little bit more than we might suspect at first glance. Take the October 2024 Android Security Bulletin. It included a new service called Android System SafetyCore. If you can find a mention of that in the security bulletin, you’re a...

exchangeRateDeltaLimit can be exceeded with overrideExchangeRate() and remain unpaused

Lines of code Vulnerability details Impact The CashManger has a safety feature that limits the maximum change in the exchange rate between epochs. in setMintExchangeRate it is checked that this limit is not exceeded but there is no check in overrideExchangeRate. Proof of Concept An epoch could ha...

Google takes on Docs notification spammers

Cloud-based document suites have always been a hot target for scammers. When it’s easy to dip in and out for collaboration purposes, or just share things generally, then its likely that bad people will want in on the action. In 2019, Google calendar users were wading through endless spam...

Microsoft Office: Mime Sniffing Safety Feature

This test checks the setting for policy OpenVAS Vulnerability Test $Id: officemimesniffingsafety.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Mime Sniffing Safety Feature Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is...

Network traffic encryption enabled within job when no rule has been set and the Veeam server has a Public IP

Challenge During the processing of a VM by Veeam Backup & Replication on a server with a Public IP, the notification stating "Network traffic will be encrypted" is shown even though no rule is in place within the network traffic rules. Cause By default Veeam Backup & Replication enables encryptio...

Double-clicking a link can run a program from the Internet – Opera Security Advisories

Double-clicking a link can run a program from the Internet – Opera Security Advisories OPCOM Team | December 19, 2005 Summary If a user double-clicks a Web link leading to a program,that program can be run. The second click may go intothe “Open” button of the file download dialog. Severity:...