EUVD-2004-2617

Malware in sbrugna...

EUVD-2023-51721

Malicious code in bioql PyPI...

DEBIAN-CVE-2023-4233

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the smsdecodeaddressfield function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS...

Coinbase Employees Targeted by SMS Phishing Attack

By Waqas The SMS phishing attack smishing was followed by a phone call from a scammer to one of the employees who fell for the scam. This is a post from HackRead.com Read the original post: Coinbase Employees Targeted by SMS Phishing Attack...

Hotel staff bust Hermes SMS scammer with suspiciously large number of cables

If you’re in the UK, you’ve likely received a fake delivery SMS at this point. The original big driver for this over the pandemic was a non-stop wave of Royal Mail phishing scams. As that article mentions, most if not all of our interactions with organisations is done by mobile. I receive medical...

SMS Attack Spreads Emotet, Steals Bank Credentials

Attackers are sending SMS messages purporting to be from victims’ banks – but once they click on the links in the text messages, they are asked to hand over their banking credentials and download a file that infects their systems with the Emotet malware. Emotet has continued to evolve since its...

Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free

Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free Visual Voicemail VVM is a feature of mobile devices that allows voicemail to be read in an email-like format. Carriers set up a Visual Voicemail server that supports IMAP, and the device queries this server for new email. Visu...

Majority of 4G USB Modems, SIM Cards Exploitable

Researchers say 4G USB modems contain exploitable vulnerabilities through which attackers could, and researchers have, managed to gain full control of the machines to which the devices are connected. Researchers from Positive Technologies presented a briefing detailing how to compromise USB modem...

Google Nexus Phones Vulnerable to SMS Denial-of-Service

Google is reportedly looking into a problem with the latest versions of Nexus smartphones that could force the devices to restart, lock or fail to connect to the Internet. All Galaxy Nexus, Nexus 4 and Nexus 5 devices that run Android 4.0 contain a flaw that can render the phones vulnerable to a...

Google Nexus phone vulnerable to SMS-based DOS attack

None...

Ramnit Man-in-the-Browser Attack Targets UK Banks

Nowhere is the cat-and-mouse game between attackers and the security of users more evident than with social engineering schemes. Users’ awareness of phishing campaigns, for example, may be improving, but that’s just forcing attackers bent on identity theft and stealing payment card information to...

Windows Phone 7.5 Denial of Service Attack Vulnerability (Video Demonstration)

Denial of Service Attack Vulnerability in Windows Phone 7.5 Microsoft's range of Windows Phones suffer from a denial-of-service attack bug that allows attackers to reboot the device and disable the messaging functionality on a device. A malicious SMS sent to a Windows Phone 7.5 device will force ...

Grand network SMS ddos attack vulnerabilities and fixes-vulnerability warning-the black bar safety net

Brief description: Grand online presence SMSddosattack vulnerability Detailed description: Grand online Forgot Password at will to the phone to send verification code, The URL: http://pwd.sdo.com/ptinfo/safecenter/getpwd/ChgPwdStepOldPwd.aspx?showbindmobile=1 Phone numbers can be arbitrarily...

CanSecWest: Researchers Show Off Method For Disabling Phones Via SMS

VANCOUVER–A pair of security researchers from Germany demonstrated several techniques at the CanSecWest conference here Wednesday that enable them to remotely reboot, shut down or even completely disable many popular mobile phones with SMS messages. The technique that Nico Golde and Collin Mullin...

Social-Engineer Toolkit v1.0 - Latest Version Download

The Social Engineer Toolkit SET has been updated to version 1.0! We wrote about the Social Engineer's Toolkit in our old post here. This release is called the Devolution Release. "The Social Engineering Toolkit SET is a python-driven suite of custom tools which solely focuses on attacking the hum...

Optus/Huawei E960 HSDPA Router Cross Site Scripting

XSS Attack using SMS to Optus/Huawei E960 HSDPA Router Synopsis -------- Huawei E960 HSDPA Router firmware version 246.11.04.11.110sp04 is vulnerable to XSS attack using SMS. One of the feature of this router is the ability to send and receive SMS through its web interface. The SMS text is...