Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Bug Bounty Radar // The latest bug bounty programs for September 2022

New web targets for the discerning hacker

PortSwigger
Open in Source
#xss#vulnerability#web#ios#android#windows#google#linux#git#aws#chrome
AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data

Thousands of corporate mobile apps developed by businesses for use by their customers contain hardcoded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets.

TikTok Users Were Vulnerable to a Single-Click Attack

Microsoft disclosed the flaw in the Android app’s deep link verification process, which has since been fixed.

CVE-2022-36373: MP3-jPlayer

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Simon Ward MP3 jPlayer plugin <= 2.7.3 at WordPress.

What is a parental control app and what are your options

By Waqas There are many different parental control apps available, so it is important to research which one will best fit the needs of your family. This is a post from HackRead.com Read the original post: What is a parental control app and what are your options

Researchers Detail Emerging Cross-Platform BianLian Ransomware Attacks

The operators of the emerging cross-platform BianLian ransomware have increased their command-and-control (C2) infrastructure this month, a development that alludes to an increase in the group's operational tempo. BianLian, written in the Go programming language, was first discovered in mid-July 2022 and has claimed 15 victim organizations as of September 1, cybersecurity firm [redacted] said in

TikTok vulnerability could have allowed hijackers to take over accounts

Categories: News Tags: Exploit Tags: vulnerability Tags: Tik-Tok Tags: Microsoft Tags: JavaScript We take a look at a TikTok exploit discovered by Microsoft and passed on to the social media giant to have fixed. (Read more...) The post TikTok vulnerability could have allowed hijackers to take over accounts appeared first on Malwarebytes Labs.

Over 1,800 Android and iOS Apps Found Leaking Hard-Coded AWS Credentials

Researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services (AWS) credentials, posing a major security risk. "Over three-quarters (77%) of the apps contained valid AWS access tokens allowing access to private AWS cloud services," Symantec's Threat Hunter team, a part of Broadcom Software, said in a report shared with The Hacker News. Interestingly, a

Careless Errors in Hundreds of Apps Could Expose Troves of Data

Researchers found that mobile applications contain keys that could provide access to both user information and private files from unconnected apps.

Microsoft Discover Severe ‘One-Click’ Exploit for TikTok Android App

Microsoft on Wednesday disclosed details of a now-patched "high severity vulnerability" in the TikTok app for Android that could let attackers take over accounts when victims clicked on a malicious link. "Attackers could have leveraged the vulnerability to hijack an account without users' awareness if a targeted user simply clicked a specially crafted link," Dimitrios Valsamaras of the Microsoft