55 matches found
CVE-2016-1281
The CVE-2016-1281 entry describes an untrusted search path/DLL hijacking vulnerability in installers for TrueCrypt 7.2 and 7.1a , and VeraCrypt before 1.17-BETA (and possibly other products). The issue allows local users to execute arbitrary code with administrator privileges by placing a Trojan ...
Encryption software VeraCrypt audit reports published, discovered multiple high risk vulnerabilities attached report download-vulnerability warning-the black bar safety net
! In DuckDuckGo and VikingVPN funded by QuarksLab recent open-source encryption software VeraCrypt conducted a security audit. The audit found that the 8 high-risk vulnerabilities, and 1 0 more in the lower level of vulnerability. About VeraCrypt VeraCrypt is a very popular disk encryption softwa...
Critical Vulnerabilities Uncovered in VeraCrypt Audit Patched
An audit of open source file and disk encryption package VeraCrypt turned up a number of critical vulnerabilities that have been patched in the month since the assessment was wrapped up. The audit, which began Aug. 16, was funded by the Open Source Technology Improvement Fund OSTIF and executed b...
VeraCrypt Audit Reveals Critical Security Flaws — Update Now
After TrueCrypt mysteriously discontinued its service, VeraCrypt became the most popular open source disk encryption software used by activists, journalists, as well as privacy conscious people. First of all, there is no such thing as a perfect, bug-free software. Even the most rigorously tested...
Open Source Disk Encryption: VeraCrypt
VeraCrypt is a software for establishing and maintaining an on-the-fly-encrypted volume data storage device. On-the-fly encryption means that data is automatically encrypted right before it is saved and decrypted right after it is loaded, without any user intervention. No data stored on an...
On Shadow Brokers, the VeraCrypt Audit, and Pokemon Ransomware
Mike Mimoso and Chris Brook discuss the news of the week, including the Shadow Brokers debacle, the VeraCrypt audit, Pokemon ransomware, and a browser address bar vulnerability. Download: ThreatpostNewsWrapAugust192016.mp3 Music by Chris Gonsalves...
VeraCrypt Audit Under Way; Email Mystery Cleared Up
Update To say the VeraCrypt audit, which begins today, got off to an inauspicious start would be an understatement. On Sunday, two weeks after the announcement that the open source file and disk encryption software would be formally scrutinized for security vulnerabilities, executives at one of t...
Someone is Spying on Researchers Behind VeraCrypt Security Audit
After TrueCrypt mysteriously discontinued itself, VeraCrypt became the most popular open source disk encryption software used by activists, journalists, and privacy conscious people. Due to the huge popularity of VeraCrypt, security researchers from the OSTIF The Open Source Technology Improvemen...
TrueCrypt and VeraCrypt DLL File Loading Arbitrary Code Execution Vulnerability
TrueCrypt and VeraCrypt are both free, open source disk encryption software. TrueCrypt and VeraCrypt load DLLs contain security vulnerabilities that allow attackers to exploit the vulnerabilities to build malicious files that can be parsed by the user and can execute arbitrary code...
Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation Exploit
Exploit for windows platform in category local exploits Source: https://code.google.com/p/google-security-research/issues/detail?id=538 Truecrypt 7 Derived Code/Windows: Drive Letter Symbolic Link Creation EoP Platform: Windows Class: Local Elevation of Privilege Tested on: VeraCrypt 1.13 x86 on...
TrueCrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation
Source: https://code.google.com/p/google-security-research/issues/detail?id=538 Truecrypt 7 Derived Code/Windows: Drive Letter Symbolic Link Creation EoP Platform: Windows Class: Local Elevation of Privilege Tested on: VeraCrypt 1.13 x86 on Windows 10 Summary: The Windows driver used by projects...
TrueCrypt Encryption Software Has Two Critical Flaws: It's time to Move On
If you are among thousands of privacy-conscious people who are still using ‘no longer available’ TrueCrypt Encryption Software, then you need to pay attention. Two critical security vulnerabilities have been discovered in the most famous encryption tool, TrueCrypt, that could expose the user’s da...
TrueCrypt Security Vulnerabilities Patched in VeraCrypt
TrueCrypt may be a fond memory for most of its users, but that hasn’t stopped researchers and hackers from poking about the open source encryption software. Recently, researchers from Google’s Project Zero team uncovered a pair of elevation of privilege vulnerabilities in TrueCrypt, both of which...
Encryption Software VeraCrypt 1.12 Adds New PIM Feature To Boost Password Security
Encrypting your sensitive data is important. As you may know, CIA... Confidentiality Integrity Availability ...are the essential elements of Information Security. There are a number of tools and methods available out there, but not all encryption tools are same. We are now living in an era where...
TrueCrypt alternatives VeraCrypt CipherShed Step Up
TrueCrypt’s relative clean bill of health last week has now spawned a new focus on existing alternatives to the open source encryption software, namely VeraCrypt and CipherShed. Both open source projects sprung forth from the rubble of the original TrueCrypt developers’ decision in 2014 to abando...