1,300 Popular Android Apps Access Data Without Proper Permissions

Study finds Android apps circumvented privacy opt-in rules and collected sensitive user information against user permission. Continue reading 1,300 Popular Android Apps Access Data Without Proper Permissions

Slack Bug Allows Remote File Hijacking, Malware Injection

An attacker can supply a malicious hyperlink in order to secretly alter the download path for files shared in a Slack channel. Continue reading Slack Bug Allows Remote File Hijacking, Malware Injection

Active Scans Target Vulnerable Cisco Routers for Remote Code-Execution

Cyberattackers are targeting a pair of just-patched vulnerabilities that allow remote unauthenticated information disclosure leading to remote code-execution. Continue reading Active Scans Target Vulnerable Cisco Routers for Remote Code-Execution

Apache Tomcat Patches Important Security Vulnerabilities

The Apache Software Foundation (ASF) has released security updates to address several vulnerabilities in its Tomcat application server, one of which could allow a remote attacker to obtain sensitive information.

Apache Tomcat is an open source web ser… Continue reading Apache Tomcat Patches Important Security Vulnerabilities

SSD Advisory – TrendNet AUTHORIZED_GROUP Information Disclosure

Vulnerability Summary The following advisory describes an information disclosure found in the following TrendNet routers: TEW-751DR – v1.03B03 TEW-752DRU – v1.03B01 TEW733GR – v1.03B01 TRENDnet’s “N600 Dual Band Wireless R… Continue reading SSD Advisory – TrendNet AUTHORIZED_GROUP Information Disclosure

SSD Advisory – Hack2Win – Cisco RV132W Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Cisco RV132W Wireless N VPN version 1.0.1.8 The Cisco RV132W Wireless-N ADSL2+ VPN Router is “easy to use, set up, and deploy. This flexible router offers g… Continue reading SSD Advisory – Hack2Win – Cisco RV132W Multiple Vulnerabilities