AGL 38.18 ▼ -0.22 (-0.57%)

AIRLINK 142.98 ▲ 7.98 (5.91%)

BOP 5.07 ▼ -0.02 (-0.39%)

CNERGY 3.77 ▼ -0.02 (-0.53%)

DCL 7.56 ▼ -0.03 (-0.4%)

DFML 44.48 ▲ 0.03 (0.07%)

DGKC 76.25 ▼ -1.15 (-1.49%)

FCCL 26.95 ▲ 0.07 (0.26%)

FFBL 52.00 ▼ -0.97 (-1.83%)

FFL 8.52 ▼ -0.02 (-0.23%)

HUBC 125.51 ▲ 1.71 (1.38%)

HUMNL 9.99 ▲ 0.05 (0.5%)

KEL 3.74 ▲ 0.01 (0.27%)

KOSM 8.15 ▲ 0.07 (0.87%)

MLCF 34.75 ▲ 1.05 (3.12%)

NBP 58.71 ▲ 0.22 (0.38%)

OGDC 154.50 ▲ 4.55 (3.03%)

PAEL 25.15 ▲ 0.45 (1.82%)

PIBTL 5.93 ▲ 0.08 (1.37%)

PPL 118.31 ▲ 6.66 (5.97%)

PRL 24.38 ▲ 0.48 (2.01%)

PTC 12.00 ▼ -0.10 (-0.83%)

SEARL 56.00 ▼ -0.89 (-1.56%)

TELE 7.05 ▲ 0.05 (0.71%)

TOMCL 34.99 ▼ -0.16 (-0.46%)

TPLP 6.98 ▼ -0.07 (-0.99%)

TREET 13.98 ▼ -0.18 (-1.27%)

TRG 46.10 ▼ -0.13 (-0.28%)

UNITY 26.00 ▼ -0.08 (-0.31%)

WTL 1.21 ▼ 0.00 (0%)

BR100 8,822 86.7 (0.99%)

BR30 26,723 466.7 (1.78%)

KSE100 83,532 810.2 (0.98%)

KSE30 26,710 328 (1.24%)

اردو

Oct 05, 2024 اردو ► PRINT EDITION ► BR MARKETS ► Dollar to PKR ►

Pakistan Print 2024-06-14

Numerous flaws identified in hybrid biometric terminal

Recorder Report Published June 14, 2024

ISLAMABAD: A global cybersecurity company has identified numerous flaws in the hybrid biometric terminal produced by an International Chinese manufacturer.

According to the experts of Kaspersky, by adding random user data to the database or using a fake QR code, a nefarious actor can easily bypass the verification process and gain unauthorized access. The attackers can also steal and leak biometric data, remotely manipulate devices, and deploy backdoors. High-security facilities worldwide are at risk if they use this vulnerable device.

The flaws were discovered in the course of Kaspersky Security Assessment experts’ research into the software and hardware of the company. All findings were proactively shared with the manufacturer prior to public disclosure.

The biometric readers in question are widely used in areas across diverse sectors – from nuclear or chemical plants to offices and hospitals. These devices support face recognition and QR-code authentication, along with the capacity to store thousands of facial templates. However, the newly discovered vulnerabilities expose them to various attacks.

Cybersecurity experts highlighted that attackers can inject specific data into the QR code used for accessing restricted areas. Consequently, they can gain unauthorized access to the terminal and physically access the restricted areas. When the terminal processes a request containing this type of malicious QR code, the database mistakenly identifies it as originating from the most recently authorized legitimate user.

“In addition to replacing the QR code, there is another intriguing physical attack vector. If someone with malicious intent gains access to the device’s database, they can exploit other vulnerabilities to download a legitimate user’s photo, print it, and use it to deceive the device’s camera to gain access to a secured area. This method, of course, has certain limitations. It requires a printed photo, and warmth detection must be turned off. However, it still poses a significant potential threat,” says Georgy Kiguradze, Senior Application Security Specialist at Kaspersky.

cybersecurity

Comments

Comments are closed.

Forex
World
Commodity

Currency	Rate
USD PKR Interbank Selling / Oct 4	277.65
USD PKR Interbank Buying / Oct 4	277.45
USD to Japanese Yen / Oct 5	148.70
USD to Swiss Franc / Oct 5	0.86
Pound Sterling to USD / Oct 5	1.31
Euro to USD / Oct 5	1.10

Stock	Volume
S&P 500 / Oct 5	5,751.07
India Sensex / Oct 5	81,688.45
Tokyo Nikkei / Oct 5	38,635.62
Nasdaq / Oct 5	18,137.85
Hang Seng / Oct 5	22,736.87
FTSE 100 / Oct 5	8,280.63
Dow Jones / Oct 5	42,352.75
Germany DAX 30 / Oct 5	19,120.93

Item	Value
Petrol/Litre / Oct 5	247.03
Crude Oil USD/Barrel / Oct 5	74.38
Karachi Cotton PKR/37.32 KG / Oct 5	18,285
Gold 10 Grams PKR / Oct 5	237,401.20
Gold Spot USD/Ounce / Oct 5	2,653.60
Diesel/Litre / Oct 5	246.29

Gainers
Losers
Leaders

Stock	Price
786 Invest Ltd / Oct 5 786 Investments Limited(786)	5 ▼ 0.00 (0.00%)
AL-Abbas Sugar / Oct 5 Al-Abbas Sugar Mills Limited(AABS)	585 ▼ 0.00 (0.00%)
Agro Allianz / Oct 5 Agro Allianz Limited(AAL)	16 ▼ 0.00 (0.00%)
AL-Abid Silk / Oct 5 Al-Abid Silk Mills Limited(AASM)	3.49 ▼ 0.00 (0.00%)
Ali Asghar / Oct 5 Ali Asghar Textile Mills Limited(AATM)	2.07 ▼ 0.00 (0.00%)
Allied Bank / Oct 5 Allied Bank Limited(ABL)	87.10 ▼ 0.00 (0.00%)
Abbott Lab. / Oct 5 Abbott Laboratories (Pakistan) Limited(ABOT)	499.34 ▼ 0.00 (0.00%)
Abson Ind. / Oct 5 Abson Industries Limited(ABSON)	2.50 ▼ 0.00 (0.00%)
Alfalah ETF. / Oct 5 Alfalah Consumer Index ETF.(ACIETF)	9.84 ▼ 0.00 (0.00%)

Stock	Price
786 Invest Ltd / Oct 5 786 Investments Limited(786)	5 ▲ 0.00 (0.00%)
AL-Abbas Sugar / Oct 5 Al-Abbas Sugar Mills Limited(AABS)	585 ▲ 0.00 (0.00%)
Agro Allianz / Oct 5 Agro Allianz Limited(AAL)	16 ▲ 0.00 (0.00%)
AL-Abid Silk / Oct 5 Al-Abid Silk Mills Limited(AASM)	3.49 ▲ 0.00 (0.00%)
Ali Asghar / Oct 5 Ali Asghar Textile Mills Limited(AATM)	2.07 ▲ 0.00 (0.00%)
Allied Bank / Oct 5 Allied Bank Limited(ABL)	87.10 ▲ 0.00 (0.00%)
Abbott Lab. / Oct 5 Abbott Laboratories (Pakistan) Limited(ABOT)	499.34 ▲ 0.00 (0.00%)
Abson Ind. / Oct 5 Abson Industries Limited(ABSON)	2.50 ▲ 0.00 (0.00%)
Alfalah ETF. / Oct 5 Alfalah Consumer Index ETF.(ACIETF)	9.84 ▲ 0.00 (0.00%)

Stock	Volume
P.I.A.C.(A) / Oct 5 Pakistan International Airlines Corp(PIAA)	47,200,500 ▲ 0.00
Cnergyico PK / Oct 5 Cnergyico PK Limited(CNERGY)	29,719,327 ▲ 0.00
Pak Petroleum / Oct 5 Pakistan Petroleum Limited(PPL)	21,170,581 ▲ 0.00
Pak Refinery / Oct 5 Pakistan Refinery Limited(PRL)	16,965,134 ▲ 0.00
The Searle Co. / Oct 5 The Searle Company Limited(SEARL)	15,793,227 ▲ 0.00
P.T.C.L. / Oct 5 Pakistan Telecommunication Company Ltd(PTC)	15,054,641 ▲ 0.00
K-Electric Ltd. / Oct 5 K-Electric Limited(KEL)	14,145,556 ▲ 0.00
WorldCall Telecom / Oct 5 Worldcall Telecom Limited(WTL)	13,158,668 ▲ 0.00
Telecard Limited / Oct 5 Telecard Limited(TELE)	12,358,668 ▲ 0.00