cybersecurity

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

Link to dump: https://github.com/I-S00N/I-S00N/

The five malicious apps are:

1. Phone Cleaner - File Explorer (com.volabs.androidcleaner)
2. PDF Viewer - File Explorer (com.xolab.fileexplorer)
3. PDF Reader - Viewer & Editor (com.jumbodub.fileexplorerpdfviewer)
4. Phone Cleaner: File Explorer (com.appiclouds.phonecleaner)
5. PDF Reader: File Manager (com.tragisoap.fileandpdfmanager)

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

cross-posted from: https://infosec.pub/post/8288479

However, this bug caused some DNS queries to be sent to the DNS server configured on the computer, usually a server at the user's ISP, allowing the server to track a user's browsing habits.

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

cross-posted from: https://infosec.pub/post/8133671

The company said the exposure includes names, dates of birth, insurer details, social security numbers, marital status, civil status, and guarantees open to third-party payment.

Hello everyone,

I hope this post belongs here, otherwise I'll move it to !appsec@infosec.pub.

I work in appsec, my manager would like to send us to a conference this year. We are based in Europe, and the company would like to across intercontinental travel.

I have OWASP Global 2024 in Lisbon on my radar, as well as the BlackHat EU in London, is there any other conference you guys would recommend?

Fear them tooth brushes.

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

cross-posted from: https://infosec.pub/post/8070199

No exploitations have been observed in the wild as of yet, according to the company's European site, but owners should scan for indicators of compromise given that the bugs have been publicly known but unpatched for months.

Beyond the obvious step of updating to the latest firmware, Canon is advising its customers to "set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access."

AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked and their production systems have been compromised.

The statement was published on Friday evening and lacks technical details about the breach. The incident is not related to ransomware, they added.

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.