- The Hacker News
Chipmaker Qualcomm has released more information about three high-severity security flaws that it said came under "limited, targeted exploitation" back in October 2023.
The vulnerabilities are as follows:
CVE-2023-33063 (CVSS score: 7.8) - Memory corruption in DSP Services during a remote call from HLOS to DSP.
CVE-2023-33106 (CVSS score: 8.4) - Memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
CVE-2023-33107 (CVSS score: 8.4) - Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Google's Threat Analysis Group and Google Project Zero revealed back in October 2023 that the three flaws, along with CVE-2022-22071 (CVSS score: 8.4), have been exploited in the wild as part of limited, targeted attacks.
- The Hacker News
A new "post-exploitation tampering technique" can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it's actually not and carry out covert attacks.
The novel method, detailed by Jamf Threat Labs in a report shared with The Hacker News, "shows that if a hacker has already infiltrated your device, they can cause Lockdown Mode to be 'bypassed' when you trigger its activation."
In other words, the goal is to implement Fake Lockdown Mode on a device that's compromised by an attacker through other means, such as unpatched security flaws that can trigger execution of arbitrary code.
- BleepingComputer
More than a dozen malicious loan apps, generically named SpyLoan, have been downloaded more than 12 million times this year from Google Play, but the count is much larger since they are also available on third-party stores and suspicious websites.
SpyLoan Android threats steal personal data from the device, including a list of all accounts, device info, call logs, installed apps, calendar events, local Wi-Fi network details, and metadata from images. Researchers say that the risk also extends to the contacts list, location data, and text messages.
- BleepingComputer
Microsoft provides three more years of Windows Server 2012 Extended Security Updates (ESUs) until October 2026, giving administrators more time to upgrade or migrate to Azure.
The company also prolonged the end date for Windows Server 2012 and extended support by five years to provide customers with additional time to transition to supported versions of Windows Server, even though its mainstream support ended in October 2018.
"You can now get three additional years of Extended Security Updates (ESUs) if you need more time to upgrade and modernize your Windows Server 2012, Windows Server R2, or Windows Embedded Server 2012 R2 on Azure," Microsoft said.
- BleepingComputer
A threat group known as Anonymous Sudan claimed that they were the ones who took down Cloudflare's website in a distributed denial-of-service (DDoS) attack.
Cloudflare confirmed that the outage resulted from a DDoS attack that only affected the www.cloudflare.com website without impacting other products or services. The company didn't attribute the attack to a specific threat actor.
"Cloudflare experienced a DDoS attack that caused intermittent connectivity issues to www.cloudflare.com for a few minutes. This DDoS attack did not affect any service or product capability that Cloudflare provides, and no customers were impacted by this incident,"
- New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
- Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
- New CVSS 4.0 Vulnerability Severity Rating Standard Released
- Samsung Galaxy Gets New Auto Blocker Anti-Malware
- Massive Cybercrime URL Shortening Service Uncovered Via DNS Data