computer security – Page 14

LibSSH Vuln: You Don’t Need to See my Authentication

Posted on October 17, 2018 by Jonathan Bennett

Another day, another CVE (Common Vulnerabilities and Exposures). Getting a CVE number assigned to a vulnerability is a stamp of authenticity that you have a real problem on your hands. CVE-2018-10933 is a worst case scenario for libssh. With a single response, an attacker can completely bypass authentication, giving full access to a system.

Before you panic and yank the power cord on your server, know that libssh is not part of OpenSSH. Your Linux box almost certainly uses OpenSSH as the SSH daemon, and that daemon is not vulnerable to this particular problem. Libssh does show up in a …read more

Continue reading LibSSH Vuln: You Don’t Need to See my Authentication→

FIDO2 Authentication In All The Colors

Posted on October 17, 2018 by Jonathan Bennett

Here at Hackaday, we have a soft spot for security dongles. When a new two-factor-authentication dongle is open source, uses USB and NFC, and supports FIDO2, the newest 2FA standard, we take notice. That just happens to be exactly what [Conor Patrick] is funding on Kickstarter.

We’ve looked at [Conor]’s first generation hardware key, and the process of going from design to physical product. With that track record, the Solo security key promises to be more than the vaporware that plagues crowdfunding services.

Another player, Yubikey, has also recently announced a new product that supports FIDO2 and NFC. While Yubikey …read more

Continue reading FIDO2 Authentication In All The Colors→

Monday review – the hot 23 stories of the week

Posted on October 15, 2018 by Naked Security writer

From the Whatsapp hack to the world’s most expensive USB stick, and everything in between. Catch up with everything we’ve written in the last 7 days – it’s weekly roundup time. Continue reading Monday review – the hot 23 stories of the week→

Monday review – the hot 19 stories of the week

Posted on October 8, 2018 by Naked Security writer

From the iOS lockscreen bypass to Facebook using your 2FA phone number to target market you, and everything we wrote in between. Catch up with the news from the last seven days – it’s weekly roundup time. Continue reading Monday review – the hot 19 stories of the week→

Monday review – the hot 23 stories of the week

Posted on October 1, 2018 by Naked Security writer

From the big Facebook breach to vulnerable Android password managers – catch up with everything we’ve written in the last seven days. It’s weekly roundup time. Continue reading Monday review – the hot 23 stories of the week→

Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild

Posted on September 27, 2018 by Swati Khandelwal

Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe.

Dubbed Lo… Continue reading Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild→

VPNFilter Router Malware Adds 7 New Network Exploitation Modules

Posted on September 27, 2018 by Swati Khandelwal

Security researchers have discovered even more dangerous capabilities in VPNFilter—the highly sophisticated multi-stage malware that infected 500,000 routers worldwide in May this year, making it much more widespread and sophisticated than earlier.

At… Continue reading VPNFilter Router Malware Adds 7 New Network Exploitation Modules→

Category Archives: computer security

LibSSH Vuln: You Don’t Need to See my Authentication

FIDO2 Authentication In All The Colors

Monday review – the hot 23 stories of the week

Monday review – the hot 19 stories of the week

Monday review – the hot 23 stories of the week

Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild

VPNFilter Router Malware Adds 7 New Network Exploitation Modules

Monday review – the hot 19 stories of the week

Monday review – the hot 25 stories of the week

Monday review – the hot 24 stories of the week