#android

Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions. Dubbed "Shrootless" and tracked as CVE-2021-30892, the "vulnerability lies in how Apple-signed packages with

An unidentified threat actor has been linked to a new Android malware strain that features the ability to root smartphones and take complete control over infected smartphones while simultaneously taking steps to evade detection. The malware has been named "AbstractEmu" owing to its use of code abstraction and anti-emulation checks undertaken to thwart analysis right from the moment the apps are

Android NFC suffers from a type confusion vulnerability due to a race condition during a tag type change.

Red Hat Security Advisory 2021-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Mini-XML version 3.2 suffers from a heap overflow vulnerability.

Umbraco version 8.14.1 suffers from a server-side request forgery vulnerability.

An unidentified threat actor has been linked to a new Android malware strain that features the ability to root smartphones and take complete control over infected smartphones while simultaneously taking steps to evade detection. The malware has been named "AbstractEmu" owing to its use of code abstraction and anti-emulation checks to avoid running while under analysis. Notably, the global mobile

Nobelium, the threat actor behind the SolarWinds compromise in December 2020, has been behind an ongoing wave of attacks that compromised 14 downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations, illustrating the adversary's continuing interest in targeting the supply chain via the "compromise-one-to-compromise-many"

A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downloads to rope users into premium subscription services without their consent and knowledge. The premium SMS scam campaign — dubbed "UltimaSMS" — is believed to commenced in May 2021 and involved apps that cover a wide range of categories, including keyboards, QR code scanners, video and photo

By Waqas The UltimaSMS Adware scam is abusing Android apps to subscribe users to premium SMS services that charge up to $40/month depending on their mobile carrier and geographic location. This is a post from HackRead.com Read the original post: Millions of Android devices abused by UltimaSMS Adware Scam