UCSF Pays $1.14M After NetWalker Ransomware Attack

The University of California, San Francisco UCSF has paid a $1.14 million ransom to recover data related to “important” academic work. The data was encrypted after the NetWalker ransomware reportedly hit the UCSF medical school. The UCSF, which includes a medical school and a medical center UCSF...

CVE-2019-18248

BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to switching to an encrypted communication channel. An attacker can disclose the product’s client credentials for connecting to the BIOTRONIK Remote Communication infrastructure...

Design/Logic Flaw

BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to switching to an encrypted communication channel. An attacker can disclose the product’s client credentials for connecting to the BIOTRONIK Remote Communication infrastructure...

CVE-2019-18248

BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to switching to an encrypted communication channel. An attacker can disclose the product’s client credentials for connecting to the BIOTRONIK Remote Communication infrastructure...

Boole Server BooleBox Secure File Sharing Utility Injection Vulnerability

Boole Server BooleBox Secure File Sharing Utility is a file sharing system from Boole Server Italy. The system is mainly used for encrypted file storage and sharing. An injection vulnerability exists in Boole Server BooleBox Secure File Sharing Utility. The vulnerability can be exploited to execu...

New Bill Targeting ‘Warrant-Proof’ Encryption Draws Ire

Privacy advocates are decrying a new bill, which would force tech companies to unlock encrypted devices if ordered to do so by law enforcement with a court issued warrant. The Lawful Access to Encrypted Data Act was introduced on Tuesday by Senate Judiciary Committee Chairman Lindsey Graham R-SC,...

Coughing in the face of scammers: security tips for the 2020 tax season

In spite of everything happening in the world right now—the 2020 tax season is about to come to an end, and taxes are due. Americans got a reprieve back in March when the US Treasury Department and Internal Revenue Service IRS announced they were pushing back the federal income tax filing due dat...

EncroChat encrypted communication provider quits after malware attack

By Waqas Encrypted communication network EncroChat has announced to shut down its services for good. This is a post from HackRead.com Read the original post: EncroChat encrypted communication provider quits after malware attack...

SUSE-SU-2020:1731-1 Security update for libreoffice

This update for libreoffice to 6.4.4.2 fixes the following issues: Security issue fixed: - CVE-2020-12801: Fixed an issue with encrypted MSOffice documents that could be accidentally saved unencrypted bsc1171997. Non-security issues fixed: - Elements on title page mixed up bsc1160687. - Image...

Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature

This blog post was authored by Hossein Jazi and Jérôme Segura On June 10, we found a malicious Word document disguised as a resume that uses template injection to drop a .Net Loader. This is the first part of a multi-stage attack that we believe is associated to an APT attack. In the last stage,...

Debian: Security Advisory (DLA-2247-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated libreoffice packages fix security vulnerability

This update increase Libreoffice to version 6.4.4.2 It fixes Security issues and add kf5 support. If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If...

MGASA-2020-0258 Updated libreoffice packages fix security vulnerability

This update increase Libreoffice to version 6.4.4.2 It fixes Security issues and add kf5 support. If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If...

[SECURITY] [DLA 2247-1] thunderbird security update

Package : thunderbird Version : 1:68.9.0-1deb8u2 CVE ID : CVE-2020-12398 CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the...

CVE-2020-3929 GeoVision Door Access Control Device - Shared cryptographic keys

GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages...

Debian DSA-4702-1 : thunderbird - security update

Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Debian: Security Advisory (DSA-4702-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4702-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4702-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 11, 2020 https://www.debian.org/security/faq -...

OPENSUSE-SU-2020:0786-1 Security update for libreoffice

This update for libreoffice to 6.4.4.2 fixes the following issues: Security issue fixed: - CVE-2020-12801: Fixed an issue with encrypted MSOffice documents that could be accidentally saved unencrypted bsc1171997. Non-security issues fixed: - Elements on title page mixed up bsc1160687. - Image...

SUSE-SU-2020:1530-1 Security update for libreoffice

This update for libreoffice to 6.4.4.2 fixes the following issues: Security issue fixed: - CVE-2020-12801: Fixed an issue with encrypted MSOffice documents that could be accidentally saved unencrypted bsc1171997. Non-security issues fixed: - Elements on title page mixed up bsc1160687. - Image...