Advisory ID: NCC-CSIRT-1228-064
Summary: The implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) in Cisco Internetworking Operating System (IOS) Software contains a vulnerability. An unauthenticated, remote attacker can exploit the vulnerability to force a vulnerable device to reload, resulting in a denial of service (DoS).
Vulnerable Platform(s): Cisco Internetworking Operating System (IOS)
Advisory ID: NCC-CSIRT-0812-062
Summary: Researchers from the mobile security firm Zimperium have found several apps that distribute malware known as "Schoolyard Bully" while disguising themselves as reading and educational apps offering a variety of books and topics for their victims to study. The malicious apps were available on Google Play and have since been taken down, but they still spread via third-party Android app stores. The malware infected over 300,000 Android devices, and its primary objective is to steal Facebook account information, including the email address and password, account ID, username, device name, device RAM (Random Access Memory), and device API (Application Programming Interface).
Vulnerable Platform(s): Facebook Social Media Platform
Advisory ID: NCC-CSIRT-0612-061
Summary: Martin Smolar, an ESET security researcher, uncovered a vulnerability in Acer laptop computers that affects Secure Boot, an integrity mechanism which ensures that only trusted software is loaded during system start-up. The vulnerability gives an attacker total control over how the operating system loads and the power to deactivate or bypass security measures in order to secretly install malware with system privileges.
Vulnerable Platform(s): Operating Systems
Advisory ID: NCC-CSIRT-0512-060
Summary: The data of over 5.4 million Twitter users was exposed due to a vulnerability, publicized on a hacker forum, that bypasses the restriction on discoverability by phone number/email. Attackers are exploiting the vulnerability to find a Twitter account by its phone number/email even if the user has prohibited this in the privacy settings.
Vulnerable Platform(s): Twitter social networking platform
Advisory ID: NCC-CSIRT-3011-059
Summary: Maxime Ingrao, a security researcher at Evina, discovered a fraudulent Android SMS app called "Symoo" that has over 100,000 downloads on the Google Play store. The malicious app discreetly serves as an SMS intermediary for a service that creates accounts on websites including Facebook, Instagram, Telegram, and Google. After being installed successfully, the malicious app takes over the victims' devices and creates many OTPs (one-time passwords). Furthermore, the attackers rented out the infected devices as virtual numbers for relaying the one-time passcodes used to verify a user while creating new accounts.
Vulnerable Platform(s): Microsoft, Google, Instagram, Telegram, and Facebook.
Read more: A Malicious Android SMS Application Hijacks Victims' Devices Using an SMS Relay.
- New Phishing Attacks Exploit Windows Zero-Day Vulnerability to Drop Qbot Malware
- Todo: Day Manager Installs Banking Trojan Malware (Xenomorph) That Steals Banking Login Details
- Lock Screen Bypass Vulnerability on Android Phones
- Somnia Ransomware Using Vidar Malware (Vidar Stealer) to Give Unauthorized Access to User Telegram Account/Corporate Account