Tag
#xiaomi
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS. Of the 14 flaws – collectively called 5Ghoul (a combination of "5G" and "Ghoul") – 10 affect 5G modems from the two companies, out of which three
Since April 2022, Cisco Talos has been tracking a malicious campaign operated by the espionage-motivated Arid Viper advanced persistent threat (APT) group targeting Arabic-speaking Android users.
Plus: Major vulnerability fixes are now available for a number of enterprise giants, including Cisco, VMWare, Citrix, and SAP.
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.
Categories: Android Categories: News Categories: Personal Tags: android Tags: upgrade Tags: transfer Tags: backup Tags: dispose Tags: wipe A few tips and how-tos for when you are ready to move to the next Android phone. Backup, transfer, wipe, and move on. (Read more...) The post Upgrading your Android device? Read this first appeared first on Malwarebytes Labs.
Categories: Android Categories: News Tags: Google Tags: Android Tags: Qualcomm Tags: webp Tags: ARM Mali Tags: cve-2023-4863 Tags: cve-2023-4211 Tags: cve-2023-33106 Tags: cve-2023-33107 Tags: cve-2023-22071 Tags: cve-2023-33063 Tags: 2023-10-006 Tags: patch level Google has patched 53 vulnerabilities in its Android October security updates, two of which are known to be actively exploited. (Read more...) The post Update your Android devices now! Google patches two actively exploited vulnerabilities appeared first on Malwarebytes Labs.
An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android apps that target a broader list of apps than its predecessors. Some of the other targeted prominent
A vulnerability has been discovered in Xiaomi routers that could allow command injection through an external interface. This vulnerability arises from inadequate filtering of responses returned from the external interface. Attackers could exploit this vulnerability by hijacking the ISP or an upper-layer router to gain privileges on the Xiaomi router. Successful exploitation of this flaw could permit remote code execution and complete compromise of the device.