Aggregator

A vulnerability, which was classified as very critical, was found in Qualcomm Snapdragon Mobile up to SD 850. Affected is an unknown function of the component 802.11 Frame Handler. The manipulation leads to buffer over-read. This vulnerability is traded as CVE-2017-17772. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Qualcomm Snapdragon Mobile MDM9206/MDM9607/SD 835/SD 845/SD 850. This issue affects some unknown processing of the component WLAN Host Driver. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2017-15832. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Qualcomm Snapdragon Wired Infrastructure and Networking MDM9206/MDM9607/SD 835/SD 845/SD 850. This vulnerability affects unknown code of the component xbl_sec. The manipulation leads to improper authentication. This vulnerability was named CVE-2016-10394. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Sharp/Toshiba Tec MFP. This affects an unknown part. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2024-36254. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Sharp/Toshiba Tec MFP. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to incorrect permission assignment. This vulnerability is handled as CVE-2024-28955. The attack may be launched remotely. There is no exploit available.

TI Lookup from ANY.RUN is a versatile tool for gathering up-to-date intelligence on the latest cyber threats. The best way to demonstrate its effectiveness is to hear from actual security professionals about how they use the service in their daily work.   This time, we asked Jane_0sint, an accomplished network traffic analyst and the first ANY.RUN […]

The post Investigating Phishing Threats with TI Lookup: Use Cases from an Expert appeared first on ANY.RUN's Cybersecurity Blog.

360安全大脑监测到多起通过投递携带有“简历”相关话题的钓鱼鱼叉邮件作为初始访问阶段攻击载荷，诱导用户收取并打开其中携带的压缩包附件

360安全大脑监测到多起通过投递携带有“简历”相关话题的钓鱼鱼叉邮件作为初始访问阶段攻击载荷，诱导用户收取并打开其中携带的压缩包附件

360安全大脑监测到多起通过投递携带有“简历”相关话题的钓鱼鱼叉邮件作为初始访问阶段攻击载荷，诱导用户收取并打开其中携带的压缩包附件

Разработчики Pokémon Go придумали, как игрокам совместить приятное с полезным.

深入探讨如何在软件开发生命周期中无缝集成安全实践。

本期，一位技术大咖为我们分享其企业特色，把脉市场动向。

多少国内车企，又开始焦虑了。

余承东：「能超越华为 Mate 的，只有华为 Mate！」

SpyLoan apps, a type of PUP, are rapidly increasing, exploiting social engineering to deceive users into granting excessive permissions, where these apps, installed millions of times, exfiltrate sensitive data to C2 servers via encrypted HTTP requests.  Primarily targeting South America, Southern Asia, and Africa, these apps are often promoted through deceptive social media ads, as […]

The post Beware Of SpyLoan Apps Exploits Social Engineering To Steal User Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8) to its Known Exploited Vulnerabilities (KEV) catalog. Array Networks’ AG Series and vxAG (versions 9.4.0.481 and […]

Вопрос национальной безопасности вызывает споры внутри Пентагона.

Cifas figures reveal scammers stole over £11bn from UK consumers in the past 12 months