all InfoSec news
Signal Client v6.2 and earlier versions vulnerable to CVE-2023–24068 & CVE-2023–24069
Jan. 24, 2023, 6:36 a.m. | Salvador Beltrán
InfoSec Write-ups - Medium infosecwriteups.com
After I read the PoC from John Jackson, I had to try. I ran into my computer and checked the version of the Signal Client that I had installed. The version is 6.2.0, which is allegedly vulnerable. So I started reading about how I can explode the CVE-2023–24068. And this brings us to CVE-2023–24069:
Signal Desktop before 6.2.0 on Windows, Linux, and macOS allow an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. The cached …
client cve cybersecurity security-vulnerabilities signal vulnerable
More from infosecwriteups.com / InfoSec Write-ups - Medium
Hack Stories: Hacking Hackers EP:3
2 days, 15 hours ago |
infosecwriteups.com
Mastering Shodan Search Engine
3 days, 16 hours ago |
infosecwriteups.com
Email Verification Bypass via Remember Me
3 days, 16 hours ago |
infosecwriteups.com
Typo Trouble: Exploring the Telegram Python RCE Vulnerability
3 days, 16 hours ago |
infosecwriteups.com
Active DNS Recon using AXIOM
3 days, 16 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Consultant
@ Auckland Council | Central Auckland, NZ, 1010
Security Engineer, Threat Detection
@ Stripe | Remote, US
DevSecOps Engineer (Remote in Europe)
@ CloudTalk | Prague, Prague, Czechia - Remote
Security Architect
@ Valeo Foods | Dublin, Ireland
Security Specialist - IoT & OT
@ Wallbox | Barcelona, Catalonia, Spain