Embedded videos in Office docs can hide embedded nasties

Posted by & filed under Security Alerts.

Microsoft Word documents can potentially smuggle in malicious code using embedded web videos, it is claimed. Opening a booby-trapped file, and clicking on the vid, will trigger execution of the code. In summary, miscreants can leverage this weakness to potentially trick marks into installing malware on their PCs. It’s useful for hackers preying on non-savvy… Read more »

Simple Authentication and Security Layer (SASL) vulnerabilities

Posted by & filed under Security Alerts.

Simple Authentication and Security Layer (SASL) is an authentication layer used in Internet protocols. SASL is not a protocol, but rather a framework that provides developers of applications and shared libraries with mechanisms for authentication, data integrity–checking, and encryption. Within the framework and a few of its plugins, there are a couple of known vulnerabilities that… Read more »

Bitcoin Core Software Patches a Critical DDoS Attack Vulnerability

Posted by & filed under Security Alerts.

The Bitcoin Core development team has released an important update to patch a major DDoS vulnerability in its underlying software that could have been fatal to the Bitcoin Network, which is usually known as the most hack-proof and secure blockchain. The DDoS vulnerability, identified as CVE-2018-17144, has been found in the Bitcoin Core wallet software,… Read more »