Security
Headlines
HeadlinesLatestCVEs

Tag

#samsung

Microsoft Releases Patches for 130 Vulnerabilities, Including 6 Under Active Attack

Microsoft on Tuesday released updates to address a total of 130 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild. Of the 130 vulnerabilities, nine are rated Critical and 121 are rated Important in severity. This is in addition to eight flaws the tech giant patched in its Chromium-based Edge browser towards the end of

The Hacker News
Open in Source
#vulnerability#web#android#windows#apple#google#microsoft#ubuntu#linux#debian#cisco#red_hat#apache#git#oracle#intel#backdoor#rce#vmware#lenovo#amd#samsung#ibm#dell#zero_day#chrome#firefox#sap#The Hacker News
How to Safely Architect AI in Your Cybersecurity Programs

Guardrails need to be set in place to ensure confidentiality of sensitive information, while still leveraging AI as a force multiplier for productivity.

Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities

Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three vulnerabilities have been identified as actively exploited in targeted attacks. One of the vulnerabilities tracked as CVE-2023-26083 is a memory leak flaw affecting the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips. This particular

CVE-2023-30678: Samsung Mobile Security

Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file.

CVE-2023-30671: Samsung Mobile Security

Logic error in package installation via adb command prior to SMR Jul-2023 Release 1 allows local attackers to downgrade installed application.

CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a set of eight flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link devices. All the flaws have been patched as of 2021. CVE-2021-25394 (CVSS score: 6.4) - Samsung mobile

Researchers Use Power LED to Extract Encryption Keys in Groundbreaking Attack

By Deeba Ahmed This attack method can help attackers surpass all barriers to exploit side channels, which so far were not possible. This is a post from HackRead.com Read the original post: Researchers Use Power LED to Extract Encryption Keys in Groundbreaking Attack

CVE-2023-21518: Samsung Mobile Security

Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity.

CVE-2023-21517: Samsung Mobile Security

Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code.

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers

In what's an ingenious side-channel attack, a group of academics has found that it's possible to recover secret keys from a device by analyzing video footage of its power LED. "Cryptographic computations performed by the CPU change the power consumption of the device which affects the brightness of the device's power LED," researchers from the Ben-Gurion University of the Negev and Cornell