#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

KeePass | Breaking Cybersecurity News | The Hacker News

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

May 22, 2023 Password Security / Exploit
A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as  CVE-2023-32784 , impacts KeePass versions 2.x for Windows, Linux, and macOS, and is  expected to be patched  in version 2.54, which is likely to be released early next month. "Apart from the first password character, it is mostly able to recover the password in plaintext," security researcher "vdohney," who discovered the flaw and devised a PoC,  said . "No code execution on the target system is required, just a memory dump." "It doesn't matter where the memory comes from," the researcher added, stating, "it doesn't matter whether or not the workspace is locked. It is also possible to dump the password from RAM after KeePass is no longer running, although the chance of that working goes down w
Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT

Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT

Nov 03, 2022
The operators of RomCom RAT malware are continuing to evolve their campaigns by distributing rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro via fake copycat websites. Targets of the operation consist of victims in Ukraine and select English-speaking countries like the U.K. To be noted, the malicious software in question is not related to any product developed or released by SolarWinds, and is instead an unlicensed, "cracked" version of an old product. "Given the geography of the targets and the current geopolitical situation, it's unlikely that the RomCom RAT threat actor is cybercrime-motivated," the BlackBerry Threat Research and Intelligence Team  said  in a new analysis. The latest findings  come  a week after the Canadian cybersecurity company disclosed a spear-phishing campaign aimed at Ukrainian entities to deploy a remote access trojan called RomCom RAT. The unknown threat ac
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Cybersecurity Resources