August 12, 2024 at 11:54AM Vulnerabilities in Google’s Quick Share utility allowed man-in-the-middle attacks and unauthorized file transfers to Windows devices. SafeBreach discovered 10 vulnerabilities, prompting two CVEs, and detailed their findings at DEF CON 32. The flaws have been addressed, but the utility remains under scrutiny. A scheduled task vulnerability was also exploited. The … Read more
August 8, 2024 at 12:34PM A vulnerability called “0.0.0.0 Day” was revealed 18 years ago, enabling harmful websites to circumvent security in Google Chrome, Mozilla Firefox, and Apple Safari, and access local network services. Based on the meeting notes, the key takeaway is that there is a serious vulnerability called “0.0.0.0 Day” that was disclosed … Read more
June 26, 2024 at 09:35AM Snowblind, a new Android malware, bypasses app anti-tampering protections by abusing the seccomp security feature. It targets apps handling sensitive data, intercepts system calls, and manipulates processes to avoid detection and modify app behavior. Google Play Protect offers automatic protection, but the malware’s techniques could pose a threat to Android … Read more