[HackerNews] Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice

The maintainers of LibreOffice and OpenOffice have shipped security updates to their productivity software to remediate multiple vulnerabilities that could be weaponized by malicious actors to alter documents to make them appear as if they are digitally signed by a trusted source.
The list of the three flaws is as follows —

CVE-2021-41830 / CVE-2021-25633 – Content and Macro Manipulation with

Source: Read More (The Hacker News)

You might be interested in …

[ThreatPost] Epik Confirms Hack, Gigabytes of Data on Offer

All posts, ThreatPost

“Time to find out who in your family secretly ran … [a] QAnon hellhole,” said attackers who affiliated themselves with the hacktivist collective Anonymous, noting that Epik had laughable security. Source: Read More (Threatpost)

Read More

[NCSC-FI News] Report: Recent 10x Increase in Cyberattacks on Ukraine

Bill Woodcock is executive director at Packet Clearing House, a nonprofit based in San Francisco that is one of several sponsors of Quad9. Woodcock said the spike in blocked DNS queries coming out of Ukraine clearly shows an increase in phishing and malware attacks against Ukrainians “They’re being targeted by a huge amount of phishing, […]

Read More

[HackerNews] PwnedPiper PTS Security Flaws Threaten 80% of Hospitals in the U.S.

All posts, HackerNews

Cybersecurity researchers on Monday disclosed a set of nine vulnerabilities known as “PwnedPiper” that left a widely-used pneumatic tube system (PTS) vulnerable to critical attacks, including a possibility of complete takeover. The security weaknesses, disclosed by American cybersecurity firm Armis, impact the Translogic PTS system by Swisslog Healthcare, which is installed in about 80% of […]

Read More