A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to gain full control over a victim’s wallet. “By exploiting the vulnerability, it’s possible to decrypt the private keys and seed phrases that are stored in the browser’s local storage,” Israeli cybersecurity
Technology
Vivo X80 and Vivo X80 Pro were launched at an event in China on Monday. While the regular Vivo X80 carries an octa-core MediaTek Dimensity 9000 SoC, the Vivo X80 Pro comes in two distinct variants — one with the Dimensity 9000 chip and the other one offering a Qualcomm Snapdragon 8 Gen 1 SoC.
The U.S. Federal Bureau of Investigation (FBI) is sounding the alarm on the BlackCat ransomware-as-a-service (RaaS), which it said victimized at least 60 entities worldwide between as of March 2022 since its emergence last November. Also called ALPHV and Noberus, the ransomware is notable for being the first-ever malware written in the Rust programming language
Vivo X80 Pro specifications have been tipped ahead of its launch on April 25 in China. The device is expected to be launched alongside Vivo X80 and X80 Pro+ on the same day. Reportedly, the upcoming Vivo X80 Pro will include Snapdragon 8 Gen 1 SoC, 120Hz display, 50-megapixel quad cameras, and 80W fast charging.
Network-attached storage (NAS) appliance maker QNAP on Thursday said it’s investigating its lineup for potential impact arising from two security vulnerabilities that were addressed in the Apache HTTP server last month. The critical flaws, tracked as CVE-2022-22721 and CVE-2022-23943, are rated 9.8 for severity on the CVSS scoring system and impact Apache HTTP Server versions
Realme GT 2 was launched in India on Friday. The new Realme phone was unveiled alongside the Realme GT 2 Pro in China in January, and both Realme phones were showcased at MWC 2022 in February. The Realme GT 2 carries features including a 120Hz AMOLED display, triple rear cameras, and a Paper Tech Master
Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker to circumvent authentication protections. Tracked as CVE-2022-0540, the flaw is rated 9.9 out of 10 on the CVSS scoring system and resides in Jira’s authentication framework, Jira Seraph. Khoadha of Viettel
Samsung Galaxy M53 5G was launched as the company’s latest M series smartphone in India. It comes with various features such as a 6.7-inch Super AMOLED+ display with a 120Hz refresh rate, MediaTek Dimensity 900 SoC under the hood, and a quad rear camera setup headlined by a 108-megapixel camera. Samsung Galaxy M52 5G is
Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to its networks. The acknowledgment came after investigative journalist Brian Krebs shared internal chats belonging to the core members of the group indicating that LAPSUS$ breached the company several
Truecaller has announced that it will not offer its call recording feature from May 11. The development comes soon after Google announced that it has updated its Play Store policy restricting the access of third-party applications to the Accessibility API from May 11. It is to be noted that first party dialler apps and the
LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux systems as part of an active malware campaign. “It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses,” CrowdStrike said in a new report. “It evades detection by targeting Alibaba Cloud’s monitoring service and
Security flaws in an audio codec have been uncovered by security researchers, putting millions of Android phones and other Android devices powered by chipsets from MediaTek and Qualcomm at risk of being compromised by hackers. Stemming from an codec created by Apple several years ago, the vulnerabilities were left unpatched since the company open-sourced the
A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following version of Java SE and Oracle GraalVM Enterprise Edition – Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2
Xiaomi’s Redmi Note series has gained a lot of attention recently with the launch of Redmi Note 11 Pro in January 2022, with March launch for the Redmi Note 11 Pro+ 5G. Within a few weeks of the Redmi Note 11 series being launched in the market, rumours have already started to spark the buzz
The “hotpatch” released by Amazon Web Services (AWS) in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host. “Aside from containers, unprivileged processes can also exploit the patch to escalate privileges and gain root code execution,” Palo Alto Networks Unit
Google recently updated its Play Store policy to restrict third-party applications from providing the ability to record calls on recent versions of Android. The Android maker had previously blocked apps from recording calls via the microphone with the launch of Android 10 in September 2019. Google is now cutting off another avenue used by developers
A new set of phishing attacks delivering the more_eggs malware has been observed striking corporate hiring managers with bogus resumes as an infection vector, a year after potential candidates looking for work on LinkedIn were lured with weaponized job offers. “This year the more_eggs operation has flipped the social engineering script, targeting hiring managers with
Samsung just gave the Android tablet space a big boost by launching three devices in its new Galaxy Tab S8 series. The Galaxy Tab S8, Galaxy Tab S8+, and Galaxy Tab S8 Ultra are targeted at different price points to cater to a wide audience. Samsung’s Galaxy Tab S8 Ultra is one of the most
The Five Eyes nations have released a joint cybersecurity advisory warning of increased malicious attacks from Russian state-sponsored actors and criminal groups targeting critical infrastructure organizations amidst the ongoing military siege on Ukraine. “Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks,” authorities from Australia, Canada, New Zealand, the U.K., and
Google Pixel 6a may soon be out in the market, reportedly at the Google IO 2022, which is starting May 11. While the speculations regarding the lower-cost smartphone’s features and pricing run high, there are a few rumours that are already making a buzz. It has been reported that the new flagship chipset may compromise with