The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem’s command line interface: Cryptkeeper invokes encfs and attempts to enter paranoia mode with a simulated ‘p’ keypress – instead, it sets passwords Read more about Linux encryption app Cryptkeeper has universal password: ‘p’[…]
If PostScript is the printer driver, the printer is vulnerable to what they call Cross-Site Printing attacks, documented in detail at Hacking Printers here. The bugs range from attackers exfiltrating copies of what’s sent to printers, to denial-of-service, code execution, forced resets and even bricking the targets. The work from the University Alliance Ruhr landed Read more about PostScript printers extremely vulnerable outside of the network[…]
“Hmm, what is that unauth.cgi thingy? and what does that id number mean?”, I thought to myself. Luckily for me the Internet connection had come back on its own, but I was now a man on a mission, so I started to look around to see if there were any known vulnerabilities for my VEGN2610. Read more about Bypassing Authentication on NETGEAR Routers[…]
More than a third of organisations that experienced a breach last year reported substantial customer, opportunity and revenue loss. The finding is one of the key takeaways from the latest edition of Cisco’s annual cybersecurity report, which also suggests that defenders are struggling to improve defences against a growing range of threats. The vast majority Read more about Suffered a breach? Expect to lose cash, opportunities, and customers – report[…]
Phone numbers, browser histories, and social media posts are all examples of the sort of data that could be mined from those entering the US under Trump’s “extreme vetting” policy, Department of Homeland Security secretary John Kelly said today. As Talking Points Memo reported, Kelly held a press conference this afternoon to discuss the president’s Read more about Trump’s ‘Extreme Vetting’ for US Visitors Could Involve Social Media Posts and Browser Histories[…]
Backblaze has recorded and saved daily hard drive statistics from the drives in our data centers since April 2013. At the end of 2016 we had 73,653 spinning hard drives. Of that number, there were 1,553 boot drives and 72,100 data drives. […] In 2016, three drives models ended the year with zero failures, albeit Read more about 2016 Hard Drive Reliabilty Benchmark Stats by Backblaze[…]
Secret FBI rules allow agents to obtain journalists’ phone records with approval from two internal officials — far less oversight than under normal judicial procedures. The classified rules, obtained by The Intercept and dating from 2013, govern the FBI’s use of national security letters, which allow the bureau to obtain information about journalists’ calls without Read more about Secret Rules Make It Pretty Easy for the FBI to Spy on Journalists[…]