CVE-2021-22333
There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.
Similar Posts
Microsoft and Google openly feuding amid hacks, competition inquiries, IT News, ET CIO
WASHINGTON: Google and Microsoft are at knives drawn. Driven in part by pressure from lawmakers and regulators over the extraordinary power the two technology companies wield over American life, the California-based search engine giant and Washington-based software firm are wrestling to throw each other under the bus. Tensions between Microsoft Corp and Alphabet-owned Google have…
Deloitte and Sophos Make Acquisitions
Governance & Risk Management , Network Detection & Response , Next-Generation Technologies & Secure Development Both Firms Buy Two Cybersecurity Companies Doug Olenick (DougOlenick) • July 27, 2021 Brisk M&A activity in the cybersecurity sector continues. Among the latest moves: Deloitte and Sophos each have announced two acquisitions See Also: Live Webinar |…
Yearlong Phishing Campaign Targets Energy Firms
Business Email Compromise (BEC) , Cybercrime , Fraud Management & Cybercrime Oil and Gas Industry Yet Again a Victim of Agent Tesla Malware Rashmi Ramesh • July 10, 2021 A campaign that uses remote access Trojans and malware-as-a-service infrastructure for cyber espionage purposes has been targeting large international energy companies for at least…
OODA Loop – API Hole on Experian Partner Site Exposes Credit Scores
A Rochester Institute of Technology sophomore discovered a vulnerability on a partner website of Experian that allows anyone to look up credit scores with a name and mailing address. Bill Demirkapi found the leak when he was looking for information about student loan vendors online. He discovered the code behind a page that used an…
Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now!
VMware has rolled out patches to address a critical security vulnerability in vCenter Server that could be leveraged by an adversary to execute arbitrary code on the server. Tracked as CVE-2021-21985 (CVSS score 9.8), the issue stems from a lack of input validation in the Virtual SAN (vSAN) Health Check plug-in, which is enabled by…
Major US pipeline shut by ransomware attack
WASHINGTON: The largest fuel pipeline system in the United States was forced to shut down its entire network after a ransomware attack, the operating company said in a statement on Saturday (May 8). The Colonial Pipeline Company ships gasoline and jet fuel from the Gulf Coast of Texas to the populous East Coast through 8,850km of…