Summary

Total Articles Found: 13

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • Chrome and Edge fix zero-day security hole – update now!
  • Google patches “in-the-wild” Chrome zero-day – update now!
  • LastPass: Keylogger on home PC led to cracked corporate password vault
  • PHP community sidesteps its third supply chain attack in three years
  • Critical Samba bug could let anyone become Domain Admin – patch now!
  • Big bad decryption bug in OpenSSL – but no cause for alarm
  • SHA-3 code execution bug patched in PHP – check your version!
  • Harmony blockchain loses nearly $100M due to hacked private keys
  • ExtraPulsar backdoor based on leaked NSA code – what you need to know
  • Phone fingerprint scanner fooled by chewing gum packet

LastPass: Keylogger on home PC led to cracked corporate password vault

Published: 2023-02-28 02:23:16

Popularity: 140

Author: Paul Ducklin

Keywords:

  • Data loss
  • breach
  • keylogger
  • LastPass
  • malware

    • Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn't say which one!) on a developer's home computer.

    ...more

    SHA-3 code execution bug patched in PHP – check your version!

    Published: 2022-11-01 14:09:10

    Popularity: 24

    Author: Paul Ducklin

    Keywords:

  • Cryptography
  • Vulnerability
  • cryptograhpy
  • CVE-2022-37454
  • PHP
  • sha-3

    • As everyone waits for news of a bug in OpenSSL, here's a reminder that other cryptographic code in your life may also need patching!

    ...more

    Chrome and Edge fix zero-day security hole – update now!

    Published: 2022-09-05 15:12:58

    Popularity: 174

    Author: Paul Ducklin

    Keywords:

  • Google
  • Google Chrome
  • Vulnerability
  • chrome
  • CVE-2022-3075
  • Exploit
  • Patch
  • Zero Day

    • This time, the crooks got there first - only 1 security hole patched, but it's a zero-day.

    ...more

    Critical Samba bug could let anyone become Domain Admin – patch now!

    Published: 2022-07-27 21:15:15

    Popularity: 79

    Author: Paul Ducklin

    Keywords:

  • Vulnerability
  • CVE-2022-32744
  • password reset
  • Samba

    • It's a serious bug... but there's a fix for it, so you know exactly what to do!

    ...more

    Google patches “in-the-wild” Chrome zero-day – update now!

    Published: 2022-07-05 15:55:14

    Popularity: 162

    Author: Paul Ducklin

    Keywords:

  • Google
  • Google Chrome
  • Vulnerability
  • 0 day
  • chrome
  • CVE-2022-2294
  • vulnerability
  • zer-day
  • Zero Day

    • Running Chrome? Do the "Help-About-Update" dance move right now, just to be sure...

    ...more

    Harmony blockchain loses nearly $100M due to hacked private keys

    Published: 2022-06-27 18:14:53

    Popularity: 13

    Author: Paul Ducklin

    Keywords:

  • Cryptocurrency
  • Data loss
  • crypto
  • ether
  • hack
  • Harmony

    • The crooks needed at least two private keys, each stored in two parts... but they got them anyway.

    ...more

    Big bad decryption bug in OpenSSL – but no cause for alarm

    Published: 2021-08-27 01:03:21

    Popularity: 44

    Author: Paul Ducklin

    Keywords:

  • Cryptography
  • Uncategorized
  • Vulnerability
  • buffer overflow
  • CVE-2021-3711
  • CVE-2021-3712
  • openssl
  • vulnerability

    • The buggy code's in there, alright. Fortunately, it's hard to get OpenSSL to use it even if you want to, which mitigates the risk.

    ...more

    PHP community sidesteps its third supply chain attack in three years

    Published: 2021-04-30 16:37:04

    Popularity: 80

    Author: Paul Ducklin

    Keywords:

  • Vulnerability
  • Composer
  • Packagist
  • PHP
  • supply chain

    • Third time lucky! (The first two times were lucky, too, luckily.)

    ...more

    ExtraPulsar backdoor based on leaked NSA code – what you need to know

    Published: 2019-04-25 14:58:33

    Popularity: 0

    Author: Paul Ducklin

    Keywords:

  • Malware
  • Backdoor
  • DOUBLEPULSAR
  • ExtraPulsar
  • malware
  • NSA
  • Shadow Brokers

    • A US security researcher has come up with an open-source Windows backdoor loosely based on NSA attack code that leaked back in 2017.

    ...more

    Phone fingerprint scanner fooled by chewing gum packet

    Published: 2019-04-23 14:41:35

    Popularity: 0

    Author: Paul Ducklin

    Keywords:

  • Vulnerability
  • biometrics
  • fingerprint
  • Nokia
  • security bypass

    • A video has surfaced claiming to show someone unlocking a Nokia 9 by tapping a gum packet against the fingerprint scanner.

    ...more

    Equifax website hit by malvertising – will the pain never end?

    Published: 2019-03-07 22:48:05

    Popularity: None

    Author: Paul Ducklin

    The proverb “it never rains but that it pours” could have been written for Equifax – this time, malvertising.

    ...more

    Google drops new Edge zero-day as Microsoft misses 90-day deadline

    Published: 2019-03-07 22:30:49

    Popularity: None

    Author: Paul Ducklin

    Microsoft wasn’t able to come up with a patch within Google’s non-negotiable “you have 90 days” period, so the flaw is now public.

    ...more

    Drive away a Tesla today (even if it isn’t yours)

    Published: 2019-03-07 22:10:55

    Popularity: None

    Author: Paul Ducklin

    Raspberry Pi’s processing power versus Tesla’s Model S cryptography – victory for the little guy!

    ...more

    end