94 Vulnerabilities Patched in Android With December 2023 Security Updates

December 5, 2023 at 07:54AM The December 2023 Android security updates address 94 vulnerabilities, with fixes for multiple critical-severity issues. Takeaways from Meeting: 1. The latest Android security updates issued in December 2023 have addressed a total of 94 vulnerabilities. 2. Among these vulnerabilities, a number are categorized as having critical severity. 3. It is … Read more

New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks

December 4, 2023 at 08:36AM New BLUFFS vulnerabilities, detailed in CVE-2023-24023 with a 6.8 CVSS score, compromise Bluetooth Classic’s forward and future secrecy by enabling adversaries to impersonate devices and intercept communications between paired devices. Researchers suggest mitigation by using secure connection modes and sufficient key entropy. Key Takeaways from the Meeting on Bluetooth Vulnerability … Read more

Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws

November 30, 2023 at 11:36PM Apple rolled out updates for iOS, iPadOS, macOS, and Safari to fix two actively exploited WebKit vulnerabilities. These flaws could potentially leak sensitive data and enable arbitrary code execution. The affected versions precede iOS 16.7.1, and all WebKit-based browsers on Apple devices are impacted. Devices from iPhone XS and certain … Read more

Trojanized CPU-Z app on fake Windows news site pushed by Google

November 9, 2023 at 11:15AM A threat actor has been using Google Ads to distribute a trojanized version of the CPU-Z tool, delivering the Redline info-stealing malware. Malicious ads redirect victims to a cloned copy of a legitimate Windows news site, where they are prompted to download a digitally-signed CPU-Z installer. This installer contains a … Read more