A new wristband that aims to replace the password has launched a crowdfunding campaign on Kickstarter. At the time of writing, Everykey has passed the halfway mark on its $100,000 funding target with $56,586 pledged with 19 days to reach $100,000. Using Bluetooth, the Everykey promises “immediate access to a user’s password-protected electronics such as
The post Kickstarter campaigns wants your password on your wrist appeared first on We Live Security.
Ubuntu Security Notice 2399-1 – Symeon Paraschoudis discovered that curl incorrectly handled memory when being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may result in sensitive data being incorrectly sent to the remote server.
Ubuntu Security Notice 2400-1 – It was discovered that LibreOffice incorrectly handled OLE preview generation. If a user were tricked into opening a crafted document, an attacker could possibly exploit this to embed arbitrary data into documents.
Gentoo Linux Security Advisory 201411-4 – Multiple vulnerabilities have been discovered in PHP, the worst of which could lead to remote execution of arbitrary code. Versions less than 5.5.18 are affected.
Debian Linux Security Advisory 3069-1 – Symeon Paraschoudis discovered that the curl_easy_duphandle() function in cURL, an URL transfer library, has a bug that can lead to libcurl eventually sending off sensitive data that was not intended for sending, while performing a HTTP POST operation.
Debian Linux Security Advisory 3070-1 – Several vulnerabilities have been discovered in the FreeBSD kernel that may lead to a denial of service or information disclosure.