Tag Archive for: widelyused

Hackers Inject Malware Into Widely-Used Password Management App


Companies around the globe are scrambling to update critical credentials this weekend. The reason: the popular password management app Passwordstate fell victim to hackers, who injected malware via the app’s update mechanism.

Click Studios, the developer of Passwordstate, alerted its customers about the incident late this week immediately after it was discovered. The email noted that the breach occurred between April 20 and 22.

During that time, the attackers “[used] sophisticated techniques” to insert a malicious file alongside legitimate Passwordstate updates. At this point in time it appears as though the malicious update did indeed make its way onto Passwordstate users’ computers.

Full Impact Difficult To Assess

In its online Passwordstate brochure, Click Studios reports “Empowering more than 29,000 Customers and 370,000 Security & IT Professionals globally.” With numbers like those in play, it could take weeks or even months before the full impact of the breach is known.

Even at a small or medium organization, IT staff manage dozens if not hundreds of credentials for services and devices.

“Affected customers password records may have been harvested,” states the breach notification (PDF link). Indeed, users would do well to assume the worst even though there are some mitigating factors.

Click Studios notes that the malicious activity spanned 28 hours. Customers who did not receive an automatic update during that time should not be affected. Likewise, users who perform updates manually should be safe.

The downside is that those groups could be fairly small. Keeping software fully updated is supposed to be one of the cornerstones of good security, after all. We’ve grown to rely on automatic update systems to take the hassle out of the process for us.

Security researchers at the Denmark-based CSIS Group detected the rogue file on a system during an investigation. Once it had been delivered to a victim’s computer, the file would attempt to establish communications with a remote server to download additional malicious components.

Automatic Updates Become a Double-Edged Sword

Automatic updates are great, when they…

Security holes found in widely-used file compression library, leaving other products dangerously exposed

Researchers have called for users to patch and upgrade their vulnerable software as soon as possible, after three severe vulnerabilities were found in libarchive, a widely-used open source compression library.

Read more in my article on the Tripwire State of Security blog.

Graham Cluley

Researcher reveals remotely exploitable flaw in world’s most widely-used real-time OS

A security researcher discovered a serious yet simple flaw in VxWorks, a real-time operating system for the Internet of Things, which an attacker could remotely exploit without needing any interaction with a user. The OS is used in everything from everyday devices such as network routers to critical infrastructure, as well as in NASA’s Curiosity Rover on Mars and Boeing 787 Dreamliners.

Searching for VxWorks via Shodan reveals about 100,000 internet-connected devices running the OS, but VxWorks supposedly powers “billions of intelligent devices.” The researcher warned that the vulnerability “allows remote code execution on most VxWorks-based devices.”

Network World Security