Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

By Ravie Lakshmanan — September 1^st 2022 at 03:24

Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a critical security flaw that has been actively exploited in the wild. The shortcoming, tracked as CVE-2022-32893 (CVSS score: 8.8), is an out-of-bounds write issue affecting WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. WebKit is the

The Hacker News

Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments

By Ravie Lakshmanan — August 12^th 2022 at 12:20

Security flaws have been identified in Xiaomi Redmi Note 9T and Redmi Note 11 models, which could be exploited to disable the mobile payment mechanism and even forge transactions via a rogue Android app installed on the devices. Check Point said it found the flaws in devices powered by MediaTek chipsets during a security analysis of the Chinese handset maker's Trusted Execution Environment (TEE)

The Hacker News

Hackers Targeting VoIP Servers By Exploiting Digium Phone Software

By Ravie Lakshmanan — July 16^th 2022 at 06:33

VoIP phones using Digium's software have been targeted to drop a web shell on their servers as part of an attack campaign designed to exfiltrate data by downloading and executing additional payloads. "The malware installs multilayer obfuscated PHP backdoors to the web server's file system, downloads new payloads for execution, and schedules recurring tasks to re-infect the host system," Palo

FreshRSS

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments

Hackers Targeting VoIP Servers By Exploiting Digium Phone Software