Security
Headlines
HeadlinesLatestCVEs

Tag

#google

Google's New Restore Credentials Tool Simplifies App Login After Android Migration

Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android's Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement. "With Restore Credentials, apps can seamlessly onboard

The Hacker News
#android#google#ssl#The Hacker News
99% of UAE’s .ae Domains Exposed to Phishing and Spoofing

Only 1.11% of UAE's 37,926 .ae domains have implemented DMARC, leaving most vulnerable to phishing and and spoofing attacks.

Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites

Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world, Microsoft said.

Yakuza Victim Data Leaked in Japanese Agency Attack

A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.

Leaky Cybersecurity Holes Put Water Systems at Risk

At least 97 major water systems in the US have serious cybersecurity vulnerabilities and compliance issues, raising concerns that cyberattacks could disrupt businesses, industry, and the lives of millions of citizens.

Linux 6.6 Race Condition

A security-relevant race between mremap() and THP code has been discovered. Reaching the buggy code typically requires the ability to create unprivileged namespaces. The bug leads to installing physical address 0 as a page table, which is likely exploitable in several ways: For example, triggering the bug in multiple processes can probably lead to unintended page table sharing, which probably can lead to stale TLB entries pointing to freed pages.

Apple Security Advisory 11-19-2024-5

Apple Security Advisory 11-19-2024-5 - macOS Sequoia 15.1.1 addresses code execution vulnerabilities.

Apple Security Advisory 11-19-2024-4

Apple Security Advisory 11-19-2024-4 - iOS 17.7.2 and iPadOS 17.7.2 addresses code execution vulnerabilities.

Apple Security Advisory 11-19-2024-3

Apple Security Advisory 11-19-2024-3 - iOS 18.1.1 and iPadOS 18.1.1 addresses code execution vulnerabilities.

Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack

In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.