#ios

Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain access to a users files. It is recommended that the Nextcloud iOS app is upgraded to 4.7.0. There are no known workarounds for this vulnerability.

Forcepoint (Stonesoft VPN Client) versions 6.2.0 and 6.8.0 suffer from a privilege escalation vulnerability.

An information disclosure vulnerability exists in the TGAInput::read_tga2_header functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability.

By Deeba Ahmed According to cybersecurity researchers, a nation-state actor, LABYRINTH CHOLLIMA, is suspected to be behind the multi-stage attack on 3CXDesktopApp. This is a post from HackRead.com Read the original post: Popular PABX platform, 3CX Desktop App suffers supply chain attack

A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client and web traffic, researchers Domien Schepers, Aanjhan Ranganathan,

3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream customers. "The trojanized 3CX desktop app is the first stage in a multi-stage attack chain that pulls

Categories: Apple Categories: Exploits and vulnerabilities Categories: News Tags: macOS Tags: iOS Tags: iPadOS Tags: watchOS Tags: tvOS Tags: Studio Display Tags: CVE-2023-23529 Tags: type confusion Tags: emoji Apple has released security updates and new features for several of its products, including a fix for an actively exploited vulnerability. (Read more...) The post Update now! Apple fixes actively exploited vulnerability and introduces new features appeared first on Malwarebytes Labs.

By Habiba Rashid Google's Threat Analysis Group (TAG) labeled the spyware campaign as limited but highly targeted. This is a post from HackRead.com Read the original post: Google reveals spyware attack on Android, iOS, and Chrome

By Deeba Ahmed An unidentified Chinese APT group is suspected of operating the Mélofée malware. This is a post from HackRead.com Read the original post: Mélofée: The Latest Malware Targeting Linux Servers

By Owais Sultan SQL Server Management Studio (SSMS) is a software application developed by Microsoft that is used for configuring, managing,… This is a post from HackRead.com Read the original post: How to Hide Tables in SQL Server Management Studio