Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

VASTFLUX ad fraud massively affected millions of iOS devices, dismantled

Categories: Apple Categories: News Tags: VASTFLUX Tags: HUMAN Tags: fast flux Tags: VAST Tags: Matryoshka Tags: JavaScript Tags: JS Tags: iOS Tags: ad fraud Tags: malvertising Tags: Video Ad Serving Template Tags: VAST Tags: command-and-control Tags: C2 An evasive ad fraud campaign affecting iOS users has come to light. It’s called VASTFLUX. (Read more...) The post VASTFLUX ad fraud massively affected millions of iOS devices, dismantled appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#ios#apple#js#git#java#intel#botnet
Roaming Mantis Malware Returns with DNS Changer Capability

By Deeba Ahmed Roaming Mantis malware was last seen in April 2018 targeting iOS and Android devices with cryptocurrency mining malware but this time, it has new DNS changer capabilities. This is a post from HackRead.com Read the original post: Roaming Mantis Malware Returns with DNS Changer Capability

4 ways to protect your privacy while scrolling

Categories: News Categories: Privacy Tags: Privacy Tags: browser Tags: VPN Tags: BrowserGuard For every level of privacy awareness, there are layers you can use to protect yourself. Here are four suggestions. (Read more...) The post 4 ways to protect your privacy while scrolling appeared first on Malwarebytes Labs.

CVE-2023-23314: File upload ssh authorized_keys causes RCE · Issue #90 · helloxz/zdir

An arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file.

CVE-2022-46959: Back up files in any directory through directory traversal · Issue #56 · go-sonic/sonic

An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows attackers to execute a directory traversal.

TikTok CEO told to "step up efforts to comply" with digital laws

Categories: News Categories: Privacy Tags: TikTok Tags: Shou Zi Chew Tags: Thierry Breton Tags: EU Commissioner Tags: Digital Markets Act Tags: DMA Tags: Digital Services Act Tags: DSA Tags: Vera Jourova Tags: Caroline Greer Tags: GDPR Tags: General Data Protection Regulation Tags: Code of Practice on Disinformation In a recent meeting with TikTok's CEO, EU commissioner Thierry Breton impressed upon the company the need to comply with EU laws in light of the DSA, the DMA, and the GDPR. (Read more...) The post TikTok CEO told to "step up efforts to comply" with digital laws appeared first on Malwarebytes Labs.

CVE-2022-48123: ttt/15 at main · Am1ngl/ttt

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.

CVE-2022-48124: ttt/14 at main · Am1ngl/ttt

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function.