Google has released the Android security updates for February 2022, which address two critical vulnerabilities that are typically exploited by sophisticated spyware vendors who independently discover and use zero-day vulnerabilities in mobile operating systems. However, Google has found no evidence of active exploitation in this situation. The CVE-2021-39675 vulnerability, which has a "critical" severity rating, is a remote privileged escalation that requires no user interaction and exclusively affects Android 12, the most recent version of the popular OS. CVE-2021-30317, the second major flaw patched by the February 2022 security update, affects a closed-source Qualcomm component and hence only affects Android devices that use that vendor's hardware. Technical specifics about the flaws are not available at this time, as Android updates often take several months to reach a reasonable percentage of the user base, due to the fact that vendors must bundle them separately for each device type. Finally, the patches included in this month's update are only for Android versions 10, 11, and 12, so if your phone is older than that, you are no longer covered and should consider it a security risk.
The City of Wichita, Kansas, confronted a significant challenge as it disclosed the forced shutdown of segments of its network following a ransomware attack over the weekend. As th...
NiceCurl and TameCat are two custom backdoor variants that have recently been used in malicious campaigns attributed to the Damselfly APT, also known as APT42. These backdoors are ...
Ukraine's government reports a surge in financially motivated cyberattacks by previously unidentified hackers with ties to Russia. These groups have become more active within U...