Then again, you don’t even need the actual device – in this case, a SteelSeries peripheral – since emulation works just fine to launch with full SYSTEM rights.
Source: Read More (Threatpost)
You might be interested in …
[ZDNet] SEC settles with First American over massive leak of mortgage data, disclosure
First American has agreed to a penalty of close to half a million dollars. Source: Read More (Latest topics for ZDNet in Security)
[ThreatPost] Apple AirTag Zero-Day Weaponizes Trackers
Apple’s personal item-tracker devices can be used to deliver malware, slurp credentials, steal tokens and more thanks to XSS. Source: Read More (Threatpost)
[SecurityWeek] GitKraken Vulnerability Prompts Action From GitHub, GitLab, Bitbucket
Developers of Git GUI client GitKraken have addressed a vulnerability resulting in the generation of weak SSH keys, and they are prompting users to revoke and renew their keys. Discovered in the open source library that the Git GUI client uses for SSH key generation, the issue affects all keys issued using versions 7.6.x, 7.7.x, […]