Here’s Some Bitcoin: Oh, and You’ve Been Served!

A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be the first in which a federal court has recognized the use of information included in a bitcoin transaction -- such as a...

British LAPSUS$ Teen Members Sentenced for High-Profile Attacks

Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent ...

PT-2023-30824 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible out of bounds read in the ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp due to a missing boun...

CVE-2023-42570

Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN...

CVE-2023-42570

Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN...

CVE-2023-21634

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM...

Improper access control

Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN...

CVE-2023-21634

CVE-2023-21634 concerns memory corruption in the Radio Interface Layer (RIL) of Qualcomm chipsets when sending an SMS or writing an SMS to a SIM. The issue is described across sources as a memory corruption vulnerability in the RIL, with potential impact to confidentiality, integrity, and availab...

CVE-2023-21634 Improper Restriction of Operations within the Bounds of a Memory Buffer in Radio Interface Layer

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM...

CVE-2023-42570

The issue CVE-2023-42570 is an improper access control vulnerability in Samsung’s KnoxCustomManagerService. It affects Samsung Mobile devices and allows a local attacker to access the device SIM PIN before the SMR Dec-2023 Release 1 patch. Root cause stated as improper access control on the KnoxC...

CVE-2023-42570

Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN...

US Man Jailed 8 Years for SIM Swapping and Apple Support Impersonation

By Waqas In addition to his prison sentence, Amir Hossein Golshan, the culprit, has been ordered to pay $1,218,526 in restitution to his victims. This is a post from HackRead.com Read the original post: US Man Jailed 8 Years for SIM Swapping and Apple Support Impersonation...

CVE-2023-49701

Memory Corruption in SIM management while USIMPhase2init...

CVE-2023-49701

Memory Corruption in SIM management while USIMPhase2init...

Memory corruption

Memory Corruption in SIM management while USIMPhase2init...

CVE-2023-49701

CVE-2023-49701 describes memory corruption due to out-of-bounds access in SIM management during USIMPhase2init. The NVD entry notes a high-severity memory corruption issue (CVSSv3.1 base 9.8) with network access and no user interaction required, but no exploitation details are provided in the doc...

CVE-2023-49701 Out-of-bounds access a buffer in SIM management

Memory Corruption in SIM management while USIMPhase2init...

PT-2023-31304 · Asr +1 · Falcon +2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in SIM management during the USIMPhase2init process. No additional details are provided about the estimated number ...

Asrmicro ASR1803 Buffer Error Vulnerability

The Asrmicro ASR1803 is a chip from China's Avantage Technology Asrmicro. A security vulnerability exists in the ASR1803, ASR1806, which originates from an out-of-bounds access to a buffer in SIM management, resulting in a corruption of the SIM management memory during USIMPhase2init...

Scattered Spider ransomware gang falls under government agency scrutiny

As you may have read in our November Ransomware Review, Scattered Spider is a relatively new, albeit dangerous, ransomware gang who made headlines in September for attacking MGM Resorts and Caesar Entertainment. For small security teams, one of the most important findings about the group is their...