A high severity flaw, tracked as CVE-2020-11292, affects Qualcomm Mobile Station Modem chips used by around 30% of all smartphones worldwide Researchers from Checkpoint have discovered a buffer overflow vulnerability, tracked as CVE-2020-11292, in the Qualcomm Mobile Station Modem that can be exploited by attackers to trigger memory corruption and execute arbitrary code on the […]
As with any standardization effort, development of 5G specifications accounted for numerous technology trends and new use cases. Network functions were designed for virtualization and automation to enhance operational efficiency and agility. At the same time, smart devices were in the midst of a steep ascent, and there was clear business value in new applications that took advantage of the optimized service characteristics of 5G, with somewhat cryptic names like Vehicle-to-Everything (V2X), Massive Machine-Type Communications (mMTC), and Ultra-Reliable Low-Latency Communication (URLLC).
Phishing activity increased significantly in the first few months of 2020, taking advantage of pandemic-induced product shortages and increased usage of streaming services, OpenText reveals. For the first time, eBay topped the list of brands most targe…
Cellebrite mobile forensics tool Ufed contains multiple flaws that allow arbitrary code execution on the device, SIGNAL creator warns. Moxie Marlinspike, the creator of the popular encrypted messaging app Signal, announced that Cellebrite mobile forensics tools developed by Cellebrite are affected by multiple vulnerabilities that could be exploited to achieve arbitrary code execution. Cellebrite develops […]
The post Cellebrite ‘s forensics tool affected by arbitrary code execution issue appeared first on Security Affairs.
Researchers from Human Security have uncovered a huge botnet of Android devices being used to conduct fraud in the connected TV advertising ecosystem. Security researchers at Human Security (formerly White Ops) discovered a massive Android botnet, dubbed Pareto, used to conduct fraud in the Connected TV (CTV) advertising ecosystem. The Pareto botnet is composed of […]
The post Pareto Botnet, million infected Android devices conduct fraud in the CTV ad ecosystem appeared first on Security Affairs.
A WhatsApp malware dubbed WhatsApp Pink is able to automatically reply to victims’ Signal, Telegram, Viber, and Skype messages. A WhatsApp malware dubbed WhatsApp Pink has now been updated, authors have implemented the ability to automatically respond to victims’ Signal, Telegram, Viber, and Skype messages. WhatsApp Pink is a fake app that was first discovered this week, […]
The post WhatsApp Pink malware spreads via group chat messages appeared first on Security Affairs.
Today we completed and published a new “topic-specific” information security policy template on clear desk and screen.Having previously considered information risks within the policy scope, writing the policy involved determining how to treat the risks…
WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s device. WhatsApp recently addressed two security vulnerabilities in its app for Android that could have been exploited by remote attackers to execute malicious code on a target device and potentially eavesdrop on communications. The vulnerabilities […]
The post WhatsApp flaws could have allowed hackers to remotely hack mobile devices appeared first on Security Affairs.
More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. The fight to the Joker malware (aka Bread) begun in September […]
The post Joker malware infected 538,000 Huawei Android devices appeared first on Security Affairs.
APKPure, one of the largest alternative app stores, was the victim of a supply chain attack, threat actors compromised client version 3.17.18 to deliver malware. Multiple security experts discovered threat actors tampered with the APKPure client version 3.17.18 of the popular alternative third-party Android app store. APKPure is available only on devices that use Google […]
The post Hackers compromised APKPure client to distribute infected Apps appeared first on Security Affairs.