#android

The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented strains of Android spyware called WyrmSpy and DragonEgg. "Known for its exploitation of web-facing applications and infiltration of traditional endpoint devices, an established threat actor like APT 41 including mobile in its arsenal of malware shows how mobile endpoints are high-value

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data.

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read.

Threat actors are taking advantage of Android's WebAPK technology to trick unsuspecting users into installing malicious web apps on Android phones that are designed to capture sensitive personal information. "The attack began with victims receiving SMS messages suggesting the need to update a mobile banking application," researchers from CSIRT KNF said in an analysis released last week. "The

By Deeba Ahmed The attack's perpetrators are Vietnamese, as confirmed by Malwarebytes. This is a post from HackRead.com Read the original post: Fake Ads Manager Software and Malicious Extensions Target Facebook Accounts

Categories: Podcast This week on Lock and Code, we speak with maia arson crimew about the hack of the monitoring app LetMeSpy, which many have labeled as stalkerware. (Read more...) The post Spy vs. spy: Exploring the LetMeSpy hack, with maia arson crimew appeared first on Malwarebytes Labs.

Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher Cara Lin said. "It primarily targets Windows systems and aims to gather sensitive information from

Categories: News Tags: week Tags: security Tags: July Tags: 2023 A list of topics we covered in the week of July 10 to July 16 of 2023 (Read more...) The post A week in security (July 10 - 16) appeared first on Malwarebytes Labs.

By Waqas The developer behind the malicious app, Limestone Software Solutions, has also been banned from the Google Play Store. This is a post from HackRead.com Read the original post: Google Removes Swing VPN Android App Exposed as DDoS Botnet