#apple

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication and seize control of the devices. The approach, dubbed BrutePrint, bypasses limits put in place to counter failed biometric authentication attempts by weaponizing two zero-day vulnerabilities in the smartphone fingerprint authentication (SFA

1 year ago

The Hacker News

Open in Source

#vulnerability #web #ios #android #apple #google #dos #java #intel #perl #amd #samsung #huawei #auth #xiaomi #zero_day #chrome #The Hacker News

A week in security (May 22-28)

Categories: News Tags: Cisco Tags: Zyxel Tags: ChatGPT Tags: Malvertising Tags: Apple Tags: Google Tags: insider threat Tags: Pentagon explosion Tags: CISA Tags: ransomware guide Tags: Rheinmetall Tags: BlackBasta Tags: WordPress A list of topics we covered in the week of May 22- 28 of 2023 (Read more...) The post A week in security (May 22-28) appeared first on Malwarebytes Labs.

1 year ago

Malwarebytes

Open in Source

#ios #android #mac #windows #apple #google #cisco #wordpress

CVE-2023-31874: Yank Note 3.52.1 Arbitrary Code Execution ≈ Packet Storm

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').

1 year ago

CVE

Open in Source

#vulnerability #mac #apple #ubuntu #js #git #auth

Stealing From Wallets to Browsers: Bandit Stealer Hits Windows Devices

By Deeba Ahmed Watch out for the Bandit Stealer malware that is being distributed through phishing emails. This is a post from HackRead.com Read the original post: Stealing From Wallets to Browsers: Bandit Stealer Hits Windows Devices

1 year ago

HackRead

Open in Source

#web #android #windows #apple #microsoft #git

WBCE CMS 1.6.1 Cross Site Scripting

WBCE CMS version 1.6.1 suffers from a cross site scripting vulnerability.

1 year ago

Packet Storm

Open in Source

#xss #vulnerability #web #windows #apple #linux #js #git #java #php #auth #chrome #webkit

Predator Android Spyware: Researchers Sound the Alarm on Alarming Capabilities

Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google's Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five different zero-day flaws in the Chrome web browser and Android. The spyware, which is delivered by means of

1 year ago

The Hacker News

Open in Source

#web #android #windows #apple #google #cisco #git #intel #backdoor #asus #samsung #huawei #xiaomi #zero_day #chrome #sap #The Hacker News

It’s apparently hip to still be using Windows 7

Steam, the most popular video game storefront on PCs, only recently announced that it was ending support for Windows 7 and 8, and even then, it won’t be official until January.

1 year ago

TALOS

Open in Source