IDRIX, Truecrypt Security Vulnerabilities
Microsoft Windows - DFS Client Driver Arbitrary Drive Mapping Privilege Escalation (MS16-123)
Microsoft Windows - DFS Client Driver Arbitrary Drive Mapping Privilege Escalation...
0.3AI Score
Microsoft Windows - DFS Client Driver Arbitrary Drive Mapping Privilege Escalation (MS16-123)
...
7.4AI Score
Searching for Best Encryption Tools? Hackers are Spreading Malware Through Fake Software
Over the past few years, Internet users globally have grown increasingly aware of online privacy and security issues due to mass monitoring and surveillance by government agencies, making them adopt encryption software and services. But it turns out that hackers are taking advantage of this...
7.2AI Score
StrongPity APT Covets Secrets of Crypto Users
APT groups covet secrets, and one in particular has chosen to target users intent on protecting theirs. The group is known as StrongPity, and it’s been a characteristic APT outfit using its share of zero days and modular attack tools to infiltrate victims and conduct espionage. This summer,...
0.6AI Score
VeraCrypt Audit Under Way; Email Mystery Cleared Up
Update To say the VeraCrypt audit, which begins today, got off to an inauspicious start would be an understatement. On Sunday, two weeks after the announcement that the open source file and disk encryption software would be formally scrutinized for security vulnerabilities, executives at one of...
-0.2AI Score
Someone is Spying on Researchers Behind VeraCrypt Security Audit
After TrueCrypt mysteriously discontinued itself, VeraCrypt became the most popular open source disk encryption software used by activists, journalists, and privacy conscious people. Due to the huge popularity of VeraCrypt, security researchers from the OSTIF (The Open Source Technology...
6.7AI Score
Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. Who can use it Parrot is designed for everyone, from the Pro...
7.3AI Score
Parrot Security OS is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. Who can use it Parrot is designed for everyone, from the Pro...
7.3AI Score
British Hacker Wins Legal Battle Over Encryption Keys
In Brief Britain's top crime fighting force has failed in a legal attempt to force alleged hacker Lauri Love to hand over his hard disk's encryption keys. In a landmark case, District Judge Nina Tempia said the investigative agency should have used the normal police powers rather than a civil...
6.4AI Score
Heuristics File System Secret Search: blueflower
blueflower is a command-line tool that looks for secrets such as private keys or passwords in a file structure. Interesting files are detected using heuristics on their names and on their content. Unlike some forensics tools, blueflower does not search in RAM, and does not attempt to identify...
-0.5AI Score
-0.3AI Score
0.972EPSS
British Authorities Order Hacker Lauri Love to hand Over Encryption Keys
The National Crime Agency (NCA) of United Kingdom is forcing the British citizen, and political hacktivist Lauri Love accused of hacking to hand over encryption keys to equipment seized from his home. Love, 31, is currently fighting extradition to the United States where he faces up to 99 years in....
6.6AI Score
Warning! Think Twice Before Using USB Drives
Security researchers have discovered a new data-stealing Trojan that makes special use of USB devices in order to spread itself and does not leave any trace of activity on the compromised systems. Dubbed USB Thief ( or Win32/PSW.Stealer.NAI), the malware has the capability of stealthy attacking...
6.6AI Score
0.2AI Score
LATENTBOT: Trace Me If You Can
FireEye Labs recently uncovered LATENTBOT, a new, highly obfuscated BOT that has been in the wild since mid-2013. It has managed to leave hardly any traces on the Internet, is capable of watching its victims without ever being noticed, and can even corrupt a hard disk, thus making a PC useless....
AI Score
LATENTBOT: Trace Me If You Can
FireEye Labs recently uncovered LATENTBOT, a new, highly obfuscated BOT that has been in the wild since mid-2013. It has managed to leave hardly any traces on the Internet, is capable of watching its victims without ever being noticed, and can even corrupt a hard disk, thus making a PC useless....
AI Score
oclHashcat v2.01 - Worlds Fastest Password Cracker
oclHashcat is the world's fastest and most advanced GPGPU-based password recovery utility, supporting five unique modes of attack for over 170 highly-optimized hashing algorithms. oclHashcat currently supports AMD (OpenCL) and Nvidia (CUDA) graphics processors on GNU/Linux and Windows 7/8/10, and.....
7.2AI Score
! TrueCrypt is a is millions on security and privacy lovers the favorite data encryption tool, but recently it broke some of the vulnerabilities. However, according to well-known Information Security Technology Institute of the Fraunhofer-out of a safety analysis report, it may still have to...
-0.2AI Score
! Microsoft recently fix for Windows Bitlocker Drive Encryption in a vulnerability, this vulnerability can be used to quickly bypass the encryption function to obtain to the victims of the encryption of important information. Encryption vulnerabilities in software Disk encryption tool is an...
0.3AI Score
German Government Audits TrueCrypt
TrueCrypt continues to fascinate even though it hasn’t been updated in more than a year and has been cleared of backdoors in more than one extensive audit. The German government’s Federal Office for Information Security (BSI) is the latest to inspect and analyze the security of the abandoned open.....
AI Score
0.001EPSS
Windows Drivers are True’ly Tricky
Posted by James Forshaw, Driving for Bugs Auditing a product for security vulnerabilities can be a difficult challenge, and there’s no guarantee you’ll catch all vulnerabilities even when you do. This post describes an issue I identified in the Windows Driver code for Truecrypt, which has...
7.4AI Score
THN Weekly Roundup — 11 Most Important Hacking News Stories
We are back with our last week’s top cyber security threats and challenges, just in case you missed any of them (ICYMI). THN Weekly Round Up is The Hacker News efforts to help you provide all important stories of last week in one shot. We recommend you read the full story (just click ‘Read More’...
8AI Score
0.001EPSS
Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation Exploit
Exploit for windows platform in category local...
7.4AI Score
0.001EPSS
7.4AI Score
TrueCrypt 7 VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation
TrueCrypt 7 VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege...
2.3AI Score
TrueCrypt Encryption Software Has Two Critical Flaws: It's time to Move On
If you are among thousands of privacy-conscious people who are still using ‘no longer available’ TrueCrypt Encryption Software, then you need to pay attention. Two critical security vulnerabilities have been discovered in the most famous encryption tool, TrueCrypt, that could expose the user’s...
7.9AI Score
0.001EPSS
TrueCrypt Security Vulnerabilities Patched in VeraCrypt
TrueCrypt may be a fond memory for most of its users, but that hasn’t stopped researchers and hackers from poking about the open source encryption software. Recently, researchers from Google’s Project Zero team uncovered a pair of elevation of privilege vulnerabilities in TrueCrypt, both of which.....
AI Score
0.001EPSS
Core Infrastructure Initiative Open Source Security Badge Program
The Core Infrastructure Initiative (CII), a consortium of technology companies guided by The Linux Foundation, has thrown good money at solving the security woes of open source software. Since its inception last year, it has provided funding for the OpenSSL project allowing it to hire full-time...
0.6AI Score
Encryption Software VeraCrypt 1.12 Adds New PIM Feature To Boost Password Security
Encrypting your sensitive data is important. As you may know, CIA... Confidentiality Integrity Availability ...are the essential elements of Information Security. There are a number of tools and methods available out there, but not all encryption tools are same. We are now living in an era where...
6.6AI Score
OpenSSL Past, Present and Future
Rarely does anything have a defined turning point in its history, a single day where people can point and say that was the day everything changed. For OpenSSL, that day was April 7, 2014, the day that Heartbleed became part of the security lexicon. Heartbleed was a critical vulnerability in the...
-0.7AI Score
TrueCrypt is a popular open source file encryption software, which the user includes a large number of“sensitive persons”, such as businessmen, politicians, journalists, and therefore its safety has been well received by the attention. 2 0 1 4 年 5 months, the open source encryption software...
-0.3AI Score
TrueCrypt alternatives VeraCrypt CipherShed Step Up
TrueCrypt’s relative clean bill of health last week has now spawned a new focus on existing alternatives to the open source encryption software, namely VeraCrypt and CipherShed. Both open source projects sprung forth from the rubble of the original TrueCrypt developers’ decision in 2014 to abandon....
-0.7AI Score
TrueCrypt Security Audit Concludes No NSA Backdoor
The Security audit of TrueCrypt disk-encryption software has been completed, with no evidence of any critical design vulnerabilities or deliberate backdoors in its code. TrueCrypt -- one of the world's most-used open source file encryption software used by Millions of privacy and security...
6.9AI Score
TrueCrypt Audit Cryptanalysis Finds No Backdoors
The results are in from the cryptanalysis phase of the TrueCrypt audit, and they show—nothing. Well, maybe not “nothing,” but certainly no signs of a deliberate backdoor from the NSA or any government entity, fears of which date back to the autumn of 2013, post-Snowden, and ignited talk to have...
AI Score
OpenSSL Security Audit Ready to Start
Funding from the Core Infrastructure Initiative has helped the maintainers of OpenSSL, one of the Internet’s most-deployed pieces of open source software, begin to get the crypto implementation on its feet. Despite its ubiquity, OpenSSL has historically been under-funded and under-resourced,...
-0.5AI Score
TrueCrypt Audit Cryptanalysis Handed Off to NCC Group
The stagnant TrueCrypt audit stirred to life in the last 24 hours with the announcement that the second phase of the audit, tasked with examining the cryptography behind the open source disk encryption software, will begin shortly. NCC Group’s Cryptography Services has been contracted to do the...
0.1AI Score
The wonderful and terrifying thing about the security world is that things never stay calm for long. As soon as you think you have a chance to catch your breath, someone breaks something and it’s time to scramble again. In 2014, those small moments of downtime were hard to come by. There was a...
-0.2AI Score
AT&T Drops Controversial Tracking Header
When information came out earlier this month that some mobile carriers were injecting unique identifying “supercookies” into their users’ Web traffic, privacy groups and users were angered. The practice, used by Verizon and AT&T, enables advertisers to track users’ behavior and assemble...
1.2AI Score
BlackArch Linux ISOs including more than 1000 tools and lot's of improvements. Also, armv6h and armv7h repositories are filled with more than 1050 tools. A short ChangeLog: - tool fix: beef - fixed pam issues - added services and login.defs file - removed kde/openbox and i3-debug menu items...
8.2AI Score
CipherShed - Secure Encryption Software (fork of the TrueCrypt Project)
CipherShed is free (as in free-of-charge and free-speech) encryption software for keeping your data secure and private. It started as a fork of the now-discontinued TrueCrypt Project. CipherShed is a program that can be used to create encrypted files or encrypt entire drives (including USB flash...
7.2AI Score
HackBack - A DIY Guide for those without the patience to wait for whistleblowers
HackBack - A DIY Guide for those without the patience to wait for whistleblowers. Papers exploit for Multiple...
0.1AI Score
Secure Disk Encryption Software: CipherShed
Secure Disk Encryption Software CipherShed is free (as in _ free-of-charge _ ** and ** _ free-speech _ ) encryption software for keeping your data secure and private. It started as a fork of the now-discontinued TrueCrypt Project. CipherShed is cross-platform; It is available for Windows, Mac OS...
0.3AI Score
Early Review of LibreSSL Finds Problematic PRNG
When the OpenBSD foundation sent LibreSSL out the door last weekend, it was with the full intention of getting some feedback and scrutiny in return, all in the name of making the crypto library stable and secure. What they likely didn’t expect were claims surfacing that LibreSSL shared some of the....
-0.4AI Score
LibreSSL Portable Fork Of OpenSSL Released
After months of code cleanup and rewriting, the OpenBSD Foundation this weekend sent LibreSSL out the door. The slimmed down OpenSSL fork works on a number of platforms beyond OpenBSD, including several Linux flavors, Solaris, Mac OS X and Free BSD. “I firmly believe that LibreSSL is in a better...
-0.2AI Score
Beware of the NSA, If You Are Privacy Conscious and Security Enthusiast
We all are aware of the National Security Agency’s (NSA) mass surveillance program to track non-Americans. Thanks to former NSA contractor Edward Snowden, who provided confidential documents about the widely spread surveillance programs conducted by the government intelligence agency such as NSA...
6.6AI Score
6.5AI Score
0.0004EPSS
Multiple Vendor BIOS Keyboard Buffer Password Persistence Weakness (2)
No description provided by...
7.1AI Score
Multiple Vendor BIOS Keyboard Buffer Password Persistence Weakness (1)
No description provided by...
7.1AI Score
Crowdsourcing a Tool for Application Vulnerability Research
Pulling in security help on a project has traditionally meant either hiring more full-time help, or bringing in an outside consultant. Enterprises and vendors alike, however, are starting to really go outside the perimeter these days and are taking advantage of crowdsourcing. Given the paranoia in....
-0.3AI Score
Threatpost News Wrap, June 23, 2014
Dennis Fisher and Mike Mimoso discuss the latest security news, including the possible fork of TrueCrypt, Microsoft’s new information sharing platform, the FBI’s cybercrime task force and the US team’s crushing tie with Portugal. Download: digital_underground_156.mp3 Music by Chris...
0.8AI Score
0.974EPSS