Hackers bypassed vein based authentication with a fake hand January 27, 2019 | sento | Leave a comment A couple of researchers demonstrated how to bypass vein based authentication using a fake hand build from a photo. If you consider vein based authentication totally secure, you have to know that a group of researchers demonstrated the opposite at the Chaos Communication Congress hacking conference. Vein based authentication scan invisible vein pattern (i.e. shape,… Read More
NSA to release a free reverse engineering tool January 7, 2019 | sento | Leave a comment The US National Security Agency will release a free reverse engineering tool at the upcoming RSA security conference that will be held at the start of March, in San Francisco. The software’s name is GHIDRA and in technical terms, is a disassembler, a piece of software that breaks down executable files into assembly code that… Read More
PNC Bank testing dynamic CVV codes to combat online card fraud December 29, 2018 | sento | Leave a comment US-based PNC Bank is in the middle of a pilot project that aims to test out credit cards with constantly changing card verification values (or CVVs) to reduce online credit card fraud. The dynamic CVV is displayed on the back of such a card in e-ink, and changes according to an algorithm supplied by Visa.… Read More
Logitech Keystroke Injection Flaw Went Unaddressed for Months December 15, 2018 | sento | Leave a comment Computer peripheral giant Logitech has finally issued a patched version of its Logitech Options desktop app, after being taken to task for a months-old security flaw. The bug could of allowed adversaries to launch keystroke injection attacks against Logitech keyboard owners that used the app. Google Project Zero security researcher Tavis Ormandy found the bug… Read More
Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers December 15, 2018 | sento | Leave a comment Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as ‘Magellan’ by Tencent’s Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. Source: thehackernews… Read More
Google+ bug exposes non-public profile data for 52 million users December 10, 2018 | sento | Leave a comment Two months after disclosing an error that exposed the private profile data of almost 500,000 Google+ users, Google on Monday revealed a new leak that affects more than 52 million people. The programming interface bug allowed developers to access names, ages, email addresses, occupations, and a wealth of other personal details even when they were… Read More
Millions of smartphones were taken offline by an expired certificate December 9, 2018 | sento | Leave a comment Ericsson has confirmed that a fault with its software was the source of yesterday’s massive network outage, which took millions of smartphones offline across the UK and Japan and created issues in almost a dozen countries. In a statement, Ericsson said that the root cause was an expired certificate, and that ‘the faulty software that… Read More
Bitcoin Options Bought for $1 Million Will Soon Be Worthless December 9, 2018 | sento | Leave a comment Purchased for almost $1 million on LedgerX’s trading platform just days after Bitcoin peaked a year ago, the call options have a strike price of $50,000 and an expiry date of Dec. 28, 2018. For the contracts to retain any value at expiry, Bitcoin would need to rally more than 1,400 percent. The options’ almost… Read More
Malicious sites abuse 11-year-old Firefox bug that Mozilla failed to fix December 9, 2018 | sento | Leave a comment This wouldn’t be a big deal, as the web is fraught with this kind of malicious sites, but these websites aren’t abusing some new never-before-seen trick, but a Firefox bug that Mozilla engineers appear to have failed to fix in the 11 years ever since it was first reported back in April 2007. The bug… Read More
The biggest crypto programming errors of all time December 9, 2018 | sento | Leave a comment One small crypto programming error can lead to millions in lost funds. As you are about to learn, a bug in your code can equal disaster on the blockchain. These far-reaching consequences are all the more reason to make your project open-source. Open-source projects gain added security because of the large number of developers checking… Read More