Cybersecurity researchers have detailed a high severity flaw in KCodes NetUSB component that's integrated into millions of end-user router devices from Netgear, TP-Link, Tenda, EDiMAX, D-Link, and Western Digital, among others. KCodes NetUSB is a Linux kernel module that enables devices on a local network to provide USB-based services over IP. Printers, external hard drives, … [Read more...] about New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors
Millions
Beware! This Android Trojan Stole Millions of Dollars from Over 10 Million Users
A newly discovered "aggressive" mobile campaign has infected north of 10 million users from over 70 countries via seemingly innocuous Android apps that subscribe the individuals to premium services costing €36 (~$42) per month without their knowledge. Zimperium zLabs dubbed the malicious trojan "GriftHorse." The money-making scheme is believed to have been under active … [Read more...] about Beware! This Android Trojan Stole Millions of Dollars from Over 10 Million Users
Critical ThroughTek SDK Bug Could Let Attackers Spy On Millions of IoT Devices
A security vulnerability has been found affecting several versions of ThroughTek Kalay P2P Software Development Kit (SDK), which could be abused by a remote attacker to take control of an affected device and potentially lead to remote code execution. Tracked as CVE-2021-28372 (CVSS score: 9.6) and discovered by FireEye Mandiant in late 2020, the weakness concerns an improper … [Read more...] about Critical ThroughTek SDK Bug Could Let Attackers Spy On Millions of IoT Devices
16-Year-Old Security Bug Affects Millions of HP, Samsung, Xerox Printers
Details have emerged about a high severity security vulnerability affecting a software driver used in HP, Xerox, and Samsung printers that has remained undetected since 2005. Tracked as CVE-2021-3438 (CVSS score: 8.8), the issue concerns a buffer overflow in a print driver installer package named "SSPORT.SYS" that can enable remote privilege and arbitrary code execution. … [Read more...] about 16-Year-Old Security Bug Affects Millions of HP, Samsung, Xerox Printers
A New Software Supply‑Chain Attack Targeted Millions With Spyware
Cybersecurity researchers today disclosed a new supply chain attack compromising the update mechanism of NoxPlayer, a free Android emulator for PCs and Macs. Dubbed "Operation NightScout" by Slovak cybersecurity firm ESET, the highly-targeted surveillance campaign involved distributing three different malware families via tailored malicious updates to selected victims based in … [Read more...] about A New Software Supply‑Chain Attack Targeted Millions With Spyware
Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices
Cybersecurity researchers disclosed a dozen new flaws in multiple widely-used embedded TCP/IP stacks impacting millions of devices ranging from networking equipment and medical devices to industrial control systems that could be exploited by an attacker to take control of a vulnerable system. Collectively called "AMNESIA:33" by Forescout researchers, it is a set of 33 … [Read more...] about Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices
Unpatched Bug in GO SMS Pro App Exposes Millions of Media Messages
GO SMS Pro, a popular messaging app for Android with over 100 million installs, has been found to have an unpatched security flaw that publicly exposes media transferred between users, including private voice messages, photos, and videos."This means any sensitive media shared between users of this messenger app is at risk of being compromised by an unauthenticated attacker or … [Read more...] about Unpatched Bug in GO SMS Pro App Exposes Millions of Media Messages
Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers
A decade-old botnet malware that currently controls over 450,000 computers worldwide has recently shifted its operations from infecting machines with ransomware or crypto miners to abusing them for sending out sextortion emails to millions of innocent people.Extortion by email is growing significantly, with a large number of users recently complaining about receiving sextortion … [Read more...] about Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers
New Flaws in Qualcomm Chips Expose Millions of Android Devices to Hacking
A series of critical vulnerabilities have been discovered in Qualcomm chipsets that could allow hackers to compromise Android devices remotely just by sending malicious packets over-the-air with no user interaction.Discovered by security researchers from Tencent's Blade team, the vulnerabilities, collectively known as QualPwn, reside in the WLAN and modem firmware of Qualcomm … [Read more...] about New Flaws in Qualcomm Chips Expose Millions of Android Devices to Hacking
Important Flaw in Outlook App for Android Affects Over 100 Millions Users
Update (22 July 2019) — More technical details and proof-of-concept for the OutLook for Android vulnerability has been released that we have covered in a separate article here.Microsoft today released an updated version of its "Outlook for Android" that patches an important security vulnerability in the popular email app that is currently being used over 100 million … [Read more...] about Important Flaw in Outlook App for Android Affects Over 100 Millions Users