Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Coffee app in hot water for constant tracking of user location

A Tim Hortons app has been flagged for managing to violate Canada's privacy laws. We offer some advice to avoid becoming tangled in app woes. The post Coffee app in hot water for constant tracking of user location appeared first on Malwarebytes Labs.

Malwarebytes
#android#git#auth#ssl
FBI Seizes 'SSNDOB' ID Theft Service for Selling Personal Info of 24 Million People

An illicit online marketplace known as SSNDOB was taken down in operation led by U.S. law enforcement agencies, the Department of Justice (DoJ) announced Tuesday. SSNDOB trafficked in personal information such as names, dates of birth, credit card numbers, and Social Security numbers of about 24 million individuals in the U.S., generating its operators $19 million in sales revenue. The action

CVE-2020-36533: Knapp daneben ist auch vorbei

A vulnerability was found in Klapp App and classified as problematic. This issue affects some unknown processing of the JSON Web Token Handler. The manipulation leads to weak authentication. The attack may be initiated remotely.

CVE-2020-36528: Broken Access Control in Platinum Mobile

A vulnerability, which was classified as critical, was found in Platinum Mobile 1.0.4.850. Affected is /MobileHandler.ashx which leads to broken access control. The attack requires authentication. Upgrading to version 1.0.4.851 is able to address this issue. It is recommended to upgrade the affected component.

Apple Just Killed the Password—for Real This Time

Apple’s iOS 16 and macOS Ventura will introduce passwordless login for apps and websites. It’s only the beginning.

Apple Just Killed the Password—for Real This Time

Apple’s iOS 16 and macOS Ventura will introduce passwordless login for apps and websites. It’s only the beginning.

CVE-2022-21745: June 2022

In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872.

10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users

10 of the most prolific mobile banking trojans have set their eyes on 639 financial applications that are available on the Google Play Store and have been cumulatively downloaded over 1.01 billion times. Some of the most targeted apps include Walmart-backed PhonePe, Binance, Cash App, Garanti BBVA Mobile, La Banque Postale, Ma Banque, Caf - Mon Compte, Postepay, and BBVA México. These apps alone

Google May Owe You a Chunk of $100 Million

Plus: The US admits to cyber operations supporting Ukraine, SCOTUS investigates its own, and a Michael Flynn surveillance mystery is solved.