Security
Headlines
HeadlinesLatestCVEs

Tag

#git

Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users

An emerging Android banking trojan called Zanubis is now masquerading as a Peruvian government app to trick unsuspecting users into installing the malware. "Zanubis's main infection path is through impersonating legitimate Peruvian Android applications and then tricking the user into enabling the Accessibility permissions in order to take full control of the device," Kaspersky said in an

The Hacker News
Open in Source
#web#android#mac#git#The Hacker News
Ransomware reinfections on the rise from improper remediation

Ransomware attacks have been ramping up in 2023 and reinfections are occurring all over the globe, forcing lean IT teams to prepare. (Read more...) The post Ransomware reinfections on the rise from improper remediation appeared first on Malwarebytes Labs.

Microsoft Defender Flags Tor Browser as Win32/Malgent!MTB Malware

By Waqas Win32/Malgent!MTB is a generic detection that Microsoft Defender uses to identify Trojans that are designed to perform a variety of malicious actions on a computer. This is a post from HackRead.com Read the original post: Microsoft Defender Flags Tor Browser as Win32/Malgent!MTB Malware

Russian Court Jails Crypto Money Launderer for 12 Years

By Waqas A Russian crypto money launderer and drug trafficker has been sentenced to 11.5 years by the Ryazan region of Russia. This is a post from HackRead.com Read the original post: Russian Court Jails Crypto Money Launderer for 12 Years

GHSA-39m3-cj8c-886r: Dolibarr Cross-site Scripting vulnerability

Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr prior to 18.0.0.

CVE-2023-5323: Fix #hunter7a048bb7-bfdd-4299-931e-9bc283e92bc8 · Dolibarr/dolibarr@695ca08

Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr prior to 18.0.

Red Hat OpenShift Service on AWS assessed to process Australian Government Data at PROTECTED level

Red Hat—the world’s leading provider of open source solutions—is excited to announce the successful completion of the Infosec Registered Assessors Program (IRAP) assessment of Red Hat OpenShift Service on AWS (ROSA). IRAP is managed by the Australian Signals Directorate (ASD). ASD endorses qualified cybersecurity professionals to provide relevant security assessment services which aim to secure broader industry and Australian government systems and data. The IRAP assessment rigorously evaluated ROSA controls and has provided assurance that ROSA aligns with the Australian Information S

Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality

The device allows an unauthenticated attacker to bypass authentication and modify the Cookie to reveal hidden pages that allows more critical operations to the transmitter.

Electrolink FM/DAB/TV Transmitter Vertical Privilege Escalation

The application suffers from a privilege escalation vulnerability. An attacker can escalate his privileges by poisoning the Cookie from GUEST to ADMIN to effectively become Administrator or poisoning to ZSL to become Super Administrator.

Electrolink FM/DAB/TV Transmitter Remote Authentication Removal

The application is vulnerable to an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank giving her access to the admin panel. Also vulnerable to account takeover and arbitrary password change.