Mes: septiembre 2020

New vulnerability on the NVD: CVE-2019-14761

An issue was discovered in KaiOS 2.5. The pre-installed Note application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the Note application. At a bare minimum, this allows an attacker to take control over the Note application’s UI (e.g., display a malicious prompt to the user asking them to re-enter credentials such as their KaiOS credentials to continue using the application) and also allows an attacker to abuse any of the privileges available to the mobile application.

Published at: September 14, 2020 at 04:15PM
View on website

Pound Sterling Searches for Support as Brexit Bill Roils GBP

GBP price action comes back under pressure as the Brexit Withdrawal Agreement now hangs in jeopardy with UK politicians agreeing to move forward with the highly scrutinized Internal Market Bill.

from DailyFX – Market News https://bit.ly/2ZEJZoZ
via IFTTT

Pound Sterling Searches for Support as Brexit Bill Roils GBP

GBP price action comes back under pressure as the Brexit Withdrawal Agreement now hangs in jeopardy with UK politicians agreeing to move forward with the highly scrutinized Internal Market Bill.

from DailyFX – Market News https://bit.ly/2ZEJZoZ
via IFTTT

US Dollar Outlook: USD Price Action Focused on Fed Meeting

FX traders align their crosshairs with USD price action as market participants gear up for the Fed meeting scheduled this week. How might the Federal Reserve decision impact US Dollar outlook?

from DailyFX – Market News https://bit.ly/3iySBEX
via IFTTT

New vulnerability on the NVD: CVE-2019-14756

An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5. The pre-installed Email application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a specially crafted email to the victim that will inject HTML into the email application’s UI as soon as the email is opened. At a bare minimum, this allows an attacker to take control over the Email application’s UI (e.g., display a malicious prompt to the user asking them to re-enter their email credentials) and also allows an attacker to abuse any of the privileges available to the mobile application.

Published at: September 14, 2020 at 03:15PM
View on website