Security News

‘Fake Fingerprints’ Bypass Scanners with 3D Printing
2020-04-08 13:00

New research has found that it's possible to use 3D printing technology to create "fake fingerprints" that can bypass most fingerprint scanners used by popular devices. Cisco Talos today published new research on how these scanners can be defeated using technologies such as 3D printing, and on the security of fingerprint scanners in general.

Apple’s iOS 13.4 hit by VPN bypass vulnerability
2020-03-30 13:43

Publicised by ProtonVPN, the issue is a bypass flaw caused by iOS not closing existing connections as it establishes a VPN tunnel, affecting iOS 13.3.1 as well as the latest version. A VPN app should open a private connection to a dedicated server through which all internet traffic from the device is routed before being forwarded to the website or service someone is accessing.

Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers
2020-03-27 14:43

Researchers said the Apple VPN bypass bug in iOS fails to terminate all existing connections and leaves a limited amount of data unprotected, such as a device's IP address, exposing it for a limited window of time. "Most connections are short-lived and will eventually be re-established through the VPN tunnel on their own. However, some are long-lasting and can remain open for minutes to hours outside the VPN tunnel," researchers explained in a technical analysis of the flaw.

No Patch for VPN Bypass Flaw Discovered in iOS
2020-03-26 19:55

Proton Technologies, the company behind the privacy-focused ProtonMail and ProtonVPN services, this week disclosed the existence of a vulnerability in Apple's iOS mobile operating system that prevents VPN applications from encrypting all traffic. When a VPN is used, the device's operating system should close all existing internet connections and reestablish them through a VPN tunnel to protect the user's data and privacy.

ProtonMail, ProtonVPN Will Use Alternative Routing to Bypass Censorship
2020-03-16 12:57

Over the coming weeks, a new alternative routing feature will become available across all of the ProtonMail and ProtonVPN mobile and desktop applications, the company says. "While we have largely been able to overcome censorship and attacks, it's imperative that we remain one step ahead of those who would seek to spy on people and restrict the freedom of information. Alternative routing is an additional capability which helps us ensure users can access our services," Proton says.

State-Sponsored Cyberspies Use Sophisticated Server Firewall Bypass Technique
2020-02-25 16:33

A threat actor - likely a state-sponsored cyberespionage group - has used a sophisticated technique to allow a piece of malware hosted on a server to communicate with command and control servers through a firewall. It's unclear exactly how the attackers planted the malware, but researchers believe they may have accessed the server through a dictionary attack on an exposed SSH port.

F-Secure Patches Old AV Bypass Vulnerability
2020-02-18 15:37

A vulnerability addressed by F-Secure in some of its business products could have been exploited to bypass their scanning engine using malformed archives. The patched issue is actually over a decade old - it was initially detailed in 2009 by security researcher Thierry Zoller - and resides in an anti-virus application's inability to scan a compressed archive that a user can access.

TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection
2020-02-03 12:15

The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account Control to deliver malware across multiple workstations and endpoints on a network, researchers have discovered. Researchers on the Morphisec Labs team said they discovered code last March that uses the Windows 10 WSReset UAC Bypass to circumvent User Account Control and deliver malware in recent samples of TrickBot, according to a report released last week.

Live Webinar | Targeted Attacks: How Sophisticated Criminals Bypass Enterprise Security Measures
2020-01-20 15:04

Though SpyCloud helped bring this particular criminal to justice, these tactics are common in targeted attacks. Targeted attacks are manual, creative, and elusive, making them one of the most difficult aspects of security and risk management.

Update now! Popular WordPress plugins have password bypass flaws
2020-01-16 13:47

Researchers have discovered password bypass vulnerabilities affecting two WordPress plugins from a publisher called Revmakx. The first vulnerable plugin is Revmakx's InfiniteWP Client, a tool that allows admins to manage multiple WordPress sites from the same interface.