Security Affairs Archives - Page 787 of 1047

Pierluigi Paganini August 16, 2019

USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$

USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$. than 10$. The Video is self-explanatory. (Wanna know how to make it? Read the article below.) All started with this Tweet last April, when I wanted a damn cheap USB implant capable of injecting keystrokes. It had to be: Remotely Controllable […]

Pierluigi Paganini August 16, 2019

Hurry Up! Update your LibreOffice because 2 patches have been bypassed

The latest version of LibreOffice (6.2.6/6.3.0) addresses three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues. LibreOffice has released a new version of the popular open-source office software that addressed three vulnerabilities that could be exploited by attackers to bypass patches for two previously addressed issues. LibreOffice attempted to fix one of […]

Pierluigi Paganini August 16, 2019

European Central Bank (ECB) discloses data breach in BIRD Newsletter

The European Central Bank (ECB) announced that threat actors had access for months to the contact information of hundreds of financial industry subscribers to its newsletter The ECB was the victim of a data breach, the bank announced that hackers had access for several months to the contact information of hundreds of financial industry subscribers […]

Pierluigi Paganini August 16, 2019

Mozilla addresses “master password” security bypass flaw in Firefox

The latest update released by Mozilla for Firefox patches a flaw in Firefox Password Manager that can be exploited to access stored passwords. The latest release for Mozilla Firefox (Firefox 68.0.2) fixes a vulnerability that can be exploited to bypass the master password in Firefox Password Manager and access stored passwords. “When a master password […]

Pierluigi Paganini August 15, 2019

Biometric data of 1M leaked via an unsecured Suprema owned database

Researchers discovered an unsecured database online owned by Suprema that contained the fingerprints and facial recognition information of one million people. Researchers from vpnMentor discovered the personal and biometric data (i.e. facial recognition and fingerprint information) of more than a million people exposed online on an unsecured database owned by the Suprema biometric security company. […]

Pierluigi Paganini August 15, 2019

A flaw in Kaspersky Antivirus allowed tracking its users online

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years. The […]

Pierluigi Paganini August 15, 2019

Threat actors use a Backdoor and RAT combo to target the Balkans

Apparently financially-motivated threat actors carried out a long-term campaign against the Balkans involving a backdoor and a RAT to compromise the targets. Security experts from ESET uncovered a long-running campaign carried out by a financially-motivated threat actor. The attackers combined a backdoor dubbed BalkanDoor and a remote access Trojan tracked as BalkanRAT to take control […]

Pierluigi Paganini August 15, 2019

KNOB attack threatens over a billion Bluetooth-enabled devices

A vulnerability tracked as CVE-2019-9506 and referred as Key Negotiation of Bluetooth (KNOB) attack could allow attackers to spy on encrypted connections. Researchers at the Center for IT-Security, Privacy and Accountability (CISPA) found a new Bluetooth vulnerability, referred as Key Negotiation of Bluetooth (KNOB) attack, that could allow attackers to spy on encrypted connections. The […]

Pierluigi Paganini August 14, 2019

Security Patch Day for August includes the most critical Note released by SAP in 2019

SAP Patches Highest Number of Critical Flaws Since 2014 SAP released Security Patch Day updates for August 2019 that address three critical vulnerabilities in the company’s products. SAP has released the Security Patch Day for August, this month the company addresses several flaws, including three critical vulnerabilities (Hot News), the highest number of critical flaws […]

Pierluigi Paganini August 14, 2019

Flaws in HTTP/2 implementations expose servers to DoS attacks

Experts at Netflix and Google discovered eight denial-of-service (DoS) vulnerabilities affecting various HTTP/2 implementations. Researchers from Netflix and Google discovered eight denial-of-service (DoS) flaws affecting various HTTP/2 implementations. Some of the flawed implementations belong to tech giants such as Amazon, Apple, Facebook, and Microsoft. The security flaws affect the most popular web server software, including […]