Security
Headlines
HeadlinesLatestCVEs

Tag

#android

CVE-2022-38399: �X�}�J���iCS-QR10�j�bPLANEX

Missing protection mechanism for alternate hardware interface in SmaCam CS-QR10 all versions and SmaCam Night Vision CS-QR20 all versions allows an attacker to execute an arbitrary OS command by having the product connect to the product's specific serial connection

CVE
Open in Source
#web#android#mac#windows#google#amazon#wifi
Iran-Linked APT Cozies Up to 'Enemies' in Trust-Based Spy Game

APT42 is posing as a friend to people considered threats to the government, using a raft of different tools to steal relevant info and perform surveillance.

How to set up an Android for your kids

Categories: Personal Last week, we discussed setting up an iPhone for your child. In this post, we've done the same for Android. (Read more...) The post How to set up an Android for your kids appeared first on Malwarebytes Labs.

CVE-2022-26448: September 2022

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07063849; Issue ID: ALPS07063849.

CVE-2022-2945

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.5.3 via the 'type' parameter found in the alm_get_layout() function. This makes it possible for authenticated attackers, with administrative permissions, to read the contents of arbitrary files on the server, which can contain sensitive information.

Malicious Security App on Play Store Caught Dropping SharkBot Malware

By Deeba Ahmed SharkBot malware is known for spreading itself through fake security solution apps on Google Play Store. This is a post from HackRead.com Read the original post: Malicious Security App on Play Store Caught Dropping SharkBot Malware

Researchers Find New Android Spyware Campaign Targeting Uyghur Community

A previously undocumented strain of Android spyware with extensive information gathering capabilities has been found disguised as a book likely designed to target the Uyghur community in China. The malware comes under the guise of a book titled "The China Freedom Trap," a biography written by the exiled Uyghur leader Dolkun Isa. "In light of the ongoing conflict between the

A week in security (August 29 - September 4)

Categories: News The most important and interesting computer security stories from the last week. (Read more...) The post A week in security (August 29 - September 4) appeared first on Malwarebytes Labs.

Fake Antivirus and Cleaner Apps Caught Installing SharkBot Android Banking Trojan

The notorious Android banking trojan known as SharkBot has once again made an appearance on the Google Play Store by masquerading as antivirus and cleaner apps. "This new dropper doesn't rely on Accessibility permissions to automatically perform the installation of the dropper Sharkbot malware," NCC Group's Fox-IT said in a report. "Instead, this new version asks the victim to install the

Police Across US Bypass Warrants With Mass Location-Tracking Tool

Plus: An unsecured database exposed face recognition data in China, ‘Cuba’ ransomware knocks out Montenegro, and more.