123 matches found
The Privacy Danger Lurking in Push Notifications
Plus: Apple warns about sideloading apps, a court orders NSO group to turn over the code of its Pegasus spyware, and an investigation finds widely available security cams are wildly insecure...
Apple warns of “privacy and security threats” after EU requires it to allow sideloading
Despite several warnings about the risks, Apple will allow European iPhone owners to install apps obtained from outside the official App store sideloading. These drastic changes are brought about to comply with the European Union’s EU Digital Markets Act DMA. The Digital Markets Act DMA establish...
In-Depth Analysis of Phobos Ransomware
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Phobos ransomware, active since 2018, primarily targets small to medium-sized businesses with lower ransom demands. It uses compromised RDP connections, is distributed via a Ransomware as a Service model...
CVE-2023-4936
It is possible to sideload a compromised DLL during the installation at elevated privilege...
CVE-2023-4936
CVE-2023-4936 affects Synaptics DisplayLink graphics via a dynamic library sideloading vulnerability. The issue enables loading a compromised DLL during installation with elevated privileges, constituting a local privilege escalation. According to NVD, the CVSS 3.1 vector is AV:L/AC:H/PR:L/UI:R/S...
CVE-2023-4936 Synaptics-DisplayLink-privilege escalation vulnerability via a dynamic library sideloading
It is possible to sideload a compromised DLL during the installation at elevated privilege...
CVE-2023-4936 Synaptics-DisplayLink-privilege escalation vulnerability via a dynamic library sideloading
It is possible to sideload a compromised DLL during the installation at elevated privilege...
VulnCheck KEV: CVE-2022-23748
Dante Discovery contains a process control vulnerability in mDNSResponder.exe that all allows for a DLL sideloading attack. A local attacker can leverage this vulnerability in the Dante Application Library to execute arbitrary code...
PT-2023-31182
Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned. Description The issue allows for the sideloading of a compromised DLL during installation at elevated privilege. Recommendations At the moment, there is no information about a newer version that...
Chimera - Automated DLL Sideloading Tool With EDR Evasion Capabilities
While DLL sideloading can be used for legitimate purposes, such as loading necessary libraries for a program to function, it can also be used for malicious purposes. Attackers can use DLL sideloading to execute arbitrary code on a target system, often by exploiting vulnerabilities in legitimate...
CVE-2023-21257
In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21257
CVE-2023-21257 is an Android Framework elevation-of-privilege issue. In the function updateSettingsInternalLI of InstallPackageHelper.java , a missing permission check could allow sideloading an app into the work profile, enabling local privilege escalation with no extra execution privileges requ...
PT-2023-18042 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to a missing permission check in the updateSettingsInternalLI function of InstallPackageHelper.java, allowing an app to be sideloaded in the work profile. This coul...
ASB-A-257443065
In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions
Apple has announced that it prevented over $2 billion in potentially fraudulent transactions and rejected roughly 1.7 million app submissions for privacy and security violations in 2022. The computing giant said it terminated 428,000 developer accounts for potential fraudulent activity, blocked...
Dragon Breath APT Evolves with Double DLL Sideloading
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Dragon Breath APT targets the gambling industry using the double-clean-app technique & DLL sideloading. Chinese-speaking Windows users are being targeted. To receive real-time threat advisories, please...
Threat Advisory: 3CX Softphone Supply Chain Compromise
Cisco Talos is tracking and actively responding to a supply chain attack involving the 3CX Desktop Softphone application. This is a multi-stage attack that involves sideloading DLLs, seven-day sleep routines, and additional payloads dependent on a now-removed GitHub repository for Windows-based...
CVE-2023-24578
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks...
CVE-2023-24578
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks...
Code injection
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks...