ATENTIONβΌ New - CVE-2015-9546
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-06-16. In some cases, HTTP is used for an Inputmethod, rather than HTTPS. A man-in-the-middle attacker can modify the client-server data stream to insert directory traversal sequences into an extracted file path. The Samsung ID is SVE-2015-4363 (November 2015).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-8546
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code execution via a fake base station. The Samsung ID is SVE-2015-5123 (December 2015).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-5524
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 (December 2015).π Read
via "National Vulnerability Database".
π How to enable SMS verification code autofill in Android π
π Read
via "Security on TechRepublic".
Starting with Android 9, you can make two-factor authentication even easier.π Read
via "Security on TechRepublic".
TechRepublic
How to enable SMS verification code autofill in Android | TechRepublic
Starting with Android 9, you can make two-factor authentication even easier.
π How to enable SMS verification code autofill in Android π
π Read
via "Security on TechRepublic".
Starting with Android 9, you can make two-factor authentication even easier.π Read
via "Security on TechRepublic".
TechRepublic
How to enable SMS verification code autofill in Android | TechRepublic
Starting with Android 9, you can make two-factor authentication even easier.
π΄ SFO Hit by Web Compromise π΄
π Read
via "Dark Reading: ".
Web app credentials were stolen in attacks on two airport websites.π Read
via "Dark Reading: ".
Dark Reading
SFO Hit by Web Compromise
Web app credentials were stolen in attacks on two airport websites.
β WooCommerce Falls to Fresh Card-Skimmer Malware β
π Read
via "Threatpost".
The payment-card stealer differs from typical malware targeting WordPress-based e-commerce environments.π Read
via "Threatpost".
Threat Post
WooCommerce Falls to Fresh Card-Skimmer Malware
The payment-card stealer differs from typical malware targeting WordPress-based e-commerce environments.
β Apple, Google Team on Coronavirus Tracking β Sparking Privacy Fears β
π Read
via "Threatpost".
Apple and Google announced that decentralized Bluetooth technology will soon be rolled out for coronavirus contact tracing. The privacy implications are worrisome for some.π Read
via "Threatpost".
Threat Post
Apple, Google Team on Coronavirus Tracking β Sparking Privacy Fears
Apple and Google announced that decentralized Bluetooth technology would soon be available for coronavirus contact tracing, but some remain concerned about data privacy.
β Sextortion emails and porn scams are back β donβt let them scare you! β
π Read
via "Naked Security".
There is no video and the whole thing is a scam to prey on your fears.π Read
via "Naked Security".
Naked Security
Sextortion emails and porn scams are back β donβt let them scare you!
There is no video and the whole thing is a scam to prey on your fears.
β SFO Websites Hacked: Airport Discloses Data Breach β
π Read
via "Threatpost".
San Francisco International Airport notified users of two low-traffic websites of a data breach that occurred in March.π Read
via "Threatpost".
Threat Post
SFO Websites Hacked: Airport Discloses Data Breach
San Francisco International Airport notified users of two low-traffic websites of a data breach that occurred in March.
π1
ATENTIONβΌ New - CVE-2018-21058 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with N(7.0), O(8.0) (exynos7420 or Exynos 8890/8996 chipsets) software. Cache attacks can occur against the Keymaster AES-GCM implementation because T-Tables are used; the Cryptography Extension (CE) is not used. The Samsung ID is SVE-2018-12761 (September 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21057 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with N(7.x) O(8.x, and P(9.0) (Exynos chipsets) software. There is a stack-based buffer overflow in the Shannon Baseband. The Samsung ID is SVE-2018-12757 (September 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21056 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with O(8.x) software. The Smartwatch displays Secure Folder Notification content. The Samsung ID is SVE-2018-12458 (September 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21055 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with N(7.0) (Qualcomm models using MSM8996 chipsets) software. A device can be rooted with a custom image to execute arbitrary scripts in the INIT context. The Samsung ID is SVE-2018-11940 (September 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21054 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21053 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is Clipboard access in the lockscreen state via a physical keyboard. The Samsung ID is SVE-2018-12684 (October 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21052 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 (October 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21051 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is an invalid free in the fingerprint Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12853 (October 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21050 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12852 (October 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21049 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is an arbitrary memory write in a Trustlet because a secure driver allows access to sensitive APIs. The Samsung ID is SVE-2018-12881 (November 2018).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-21048 (android)
π Read
via "National Vulnerability Database".
An issue was discovered on Samsung mobile devices with O(8.x) software. There is a Notification leak on a locked device in Standalone Dex mode. The Samsung ID is SVE-2018-12925 (November 2018).π Read
via "National Vulnerability Database".