Tag Android

Hackers Compromise LineageOS, Ghost, and DigiCert Servers Exploiting SaltStack Vulnerability

Shortly after cybersecurity researchers raised warnings about two significant vulnerabilities in the SaltStack configuration framework, an ongoing campaign has already begun exploiting these flaws, targeting organizations such as LineageOS, Ghost, and DigiCert. The vulnerabilities, identified as CVE-2020-11651 and CVE-2020-11652, permit attackers to execute arbitrary code on remote servers operating within…

Read MoreHackers Compromise LineageOS, Ghost, and DigiCert Servers Exploiting SaltStack Vulnerability

Qualcomm Unveils Information on Chip Vulnerabilities Targeted in Specific Attacks

Qualcomm Issues Security Advisory for High-Severity Flaws In recent developments, chipmaker Qualcomm has disclosed significant information regarding three critical security vulnerabilities that were reportedly exploited in targeted attacks as of October 2023. The company emphasized that these flaws were subjected to “limited, targeted exploitation,” raising alarms about their implications for…

Read MoreQualcomm Unveils Information on Chip Vulnerabilities Targeted in Specific Attacks

New Bluetooth Vulnerability Could Allow Hackers to Control Android, Linux, macOS, and iOS Devices

A significant security vulnerability affecting Bluetooth technology poses risks to Android, Linux, macOS, and iOS devices. Identified as CVE-2023-45866, this flaw allows malicious actors to bypass authentication procedures, enabling unauthorized access to susceptible devices and the capability to execute commands remotely. According to security researcher Marc Newlin, who disclosed these…

Read MoreNew Bluetooth Vulnerability Could Allow Hackers to Control Android, Linux, macOS, and iOS Devices

New 5G Modem Vulnerabilities Impact iOS and Major Android Devices

Recent research has unveiled a series of critical security vulnerabilities within the firmware of 5G mobile network modems manufactured by major semiconductor companies, notably MediaTek and Qualcomm. These vulnerabilities affect a range of devices, including USB and Internet of Things (IoT) modems, as well as hundreds of smartphone models operating…

Read MoreNew 5G Modem Vulnerabilities Impact iOS and Major Android Devices

Facebook Harvested Your Android Call History and SMS Data for Years

A recent incident has underscored the extent of data collection by Facebook, particularly concerning its Messenger application installed on Android devices. Reports indicate that until late last year, Facebook was collecting users’ contact lists, SMS, and call history data without explicit user consent, raising serious privacy concerns. The situation gained…

Read MoreFacebook Harvested Your Android Call History and SMS Data for Years

Thousands of Mobile Apps Put Unsecured Firebase Databases at Risk

Recent investigations by mobile security experts have unveiled extensive vulnerabilities within Firebase databases used by numerous iOS and Android applications. These deficiencies have exposed over 100 million data records, including unencrypted passwords, user identifiers, geographical data, and in certain instances, sensitive financial information related to banking and cryptocurrency transactions. As…

Read MoreThousands of Mobile Apps Put Unsecured Firebase Databases at Risk

Microsoft’s January 2024 Windows Update Addresses 48 New Vulnerabilities

In a significant update released for January 2024, Microsoft has patched a total of 48 security vulnerabilities across its software ecosystem. This month’s Patch Tuesday includes two flaws classified as Critical and 46 as Important. Notably, there are no indications that any of these vulnerabilities are being actively exploited or…

Read MoreMicrosoft’s January 2024 Windows Update Addresses 48 New Vulnerabilities

New PIN Verification Bypass Vulnerability Impacts Visa Contactless Payments

In a troubling development for the cybersecurity landscape, Visa has alerted the public to a JavaScript web skimmer called Baka. Concurrently, a group of researchers from ETH Zurich has identified a critical authentication vulnerability in Visa’s EMV-enabled payment cards, which could be exploited by cybercriminals to unlawfully extract funds from…

Read MoreNew PIN Verification Bypass Vulnerability Impacts Visa Contactless Payments

U.S. Treasury Imposes Sanctions on Iranian Intelligence-Supported Hacking Group

The U.S. government announced extensive sanctions on Thursday against an Iranian cybersecurity threat actor associated with the Ministry of Intelligence and Security (MOIS). The sanctions are a response to a series of malware campaigns that have targeted Iranian dissidents, journalists, and entities within the telecom and travel sectors globally. According…

Read MoreU.S. Treasury Imposes Sanctions on Iranian Intelligence-Supported Hacking Group