#android

By Waqas September 2023’s Most Wanted Malware: Remcos Wreaks Havoc in Colombia and Formbook Takes Top Spot after Qbot Shutdown, reveals Check Point. This is a post from HackRead.com Read the original post: Formbook Takes the Throne as Most Prevalent Malware

Categories: Android Categories: News Categories: Personal Tags: android Tags: upgrade Tags: transfer Tags: backup Tags: dispose Tags: wipe A few tips and how-tos for when you are ready to move to the next Android phone. Backup, transfer, wipe, and move on. (Read more...) The post Upgrading your Android device? Read this first appeared first on Malwarebytes Labs.

Categories: News Tags: Week Tags: security Tags: October Tags: 2023 A list of topics we covered in the week of October 2 to October 8, 2023 (Read more...) The post A week in security (October 2 - October 8) appeared first on Malwarebytes Labs.

By Waqas The Android TV box you recently purchased may be riddled with harmful backdoors. This is a post from HackRead.com Read the original post: Android TV Boxes Infected with Backdoors, Compromising Home Networks

By Deeba Ahmed Facebook’s official page was hacked on Facebook after bizarre posts, including demands for the release of ex-Pakistani PM… This is a post from HackRead.com Read the original post: Facebook’s Official Page Hacked; Demand Release of Pakistani PM Imran Khan

Plus: Sony confirms a breach of its networks, US federal agents get caught illegally using phone location data, and more.

### Impact This vulnerability affects deployments of FreeImage that involve decoding or processing malicious source .webp files. If you only process your own trusted files, this should not affect you, but **you should remove FreeImage from your project, as it is not maintained and presents a massive security risk**. If you are using FreeImage via ImageResizer.Plugins.FreeImage, please utilize [Imageflow](https://github.com/imazen/imageflow) or [Imageflow.Server](https://github.com/imazen/imageflow-dotnet-server) instead, or upgrade to ImageResizer 5 and use ImageResizer.Plugins.Imageflow (enable Prereleases on NuGet to access). FreeImage relies on Google's [libwebp](https://github.com/webmproject/libwebp) library to decode .webp images, and is affected by the recent zero-day out-of-bounds write vulnerability [CVE-2023-4863](https://nvd.nist.gov/vuln/detail/CVE-2023-4863) and https://github.com/advisories/GHSA-j7hp-h8jx-5ppr. The libwebp vulnerability also affects Chrome, Android,...

In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.