AGL 40.00 ▼ -0.16 (-0.4%)

AIRLINK 129.53 ▼ -2.20 (-1.67%)

BOP 6.68 ▼ -0.01 (-0.15%)

CNERGY 4.63 ▲ 0.16 (3.58%)

DCL 8.94 ▲ 0.12 (1.36%)

DFML 41.69 ▲ 1.08 (2.66%)

DGKC 83.77 ▼ -0.31 (-0.37%)

FCCL 32.77 ▲ 0.43 (1.33%)

FFBL 75.47 ▲ 6.86 (10%)

FFL 11.47 ▲ 0.12 (1.06%)

HUBC 110.55 ▼ -1.21 (-1.08%)

HUMNL 14.56 ▲ 0.25 (1.75%)

KEL 5.39 ▲ 0.17 (3.26%)

KOSM 8.40 ▼ -0.58 (-6.46%)

MLCF 39.79 ▲ 0.36 (0.91%)

NBP 60.29 ▼ 0.00 (0%)

OGDC 199.66 ▲ 4.72 (2.42%)

PAEL 26.65 ▼ -0.04 (-0.15%)

PIBTL 7.66 ▲ 0.18 (2.41%)

PPL 157.92 ▲ 2.15 (1.38%)

PRL 26.73 ▲ 0.05 (0.19%)

PTC 18.46 ▲ 0.16 (0.87%)

SEARL 82.44 ▼ -0.58 (-0.7%)

TELE 8.31 ▲ 0.08 (0.97%)

TOMCL 34.51 ▼ -0.04 (-0.12%)

TPLP 9.06 ▲ 0.25 (2.84%)

TREET 17.47 ▲ 0.77 (4.61%)

TRG 61.32 ▼ -1.13 (-1.81%)

UNITY 27.43 ▼ -0.01 (-0.04%)

WTL 1.38 ▲ 0.10 (7.81%)

BR100 10,407 220 (2.16%)

BR30 31,713 377.1 (1.2%)

KSE100 97,328 1781.9 (1.86%)

KSE30 30,192 614.4 (2.08%)

اردو

Nov 21, 2024 اردو ► PRINT EDITION ► BR MARKETS ► Dollar to PKR ►

Pakistan Print 2024-06-14

Numerous flaws identified in hybrid biometric terminal

Recorder Report Published June 14, 2024

ISLAMABAD: A global cybersecurity company has identified numerous flaws in the hybrid biometric terminal produced by an International Chinese manufacturer.

According to the experts of Kaspersky, by adding random user data to the database or using a fake QR code, a nefarious actor can easily bypass the verification process and gain unauthorized access. The attackers can also steal and leak biometric data, remotely manipulate devices, and deploy backdoors. High-security facilities worldwide are at risk if they use this vulnerable device.

The flaws were discovered in the course of Kaspersky Security Assessment experts’ research into the software and hardware of the company. All findings were proactively shared with the manufacturer prior to public disclosure.

The biometric readers in question are widely used in areas across diverse sectors – from nuclear or chemical plants to offices and hospitals. These devices support face recognition and QR-code authentication, along with the capacity to store thousands of facial templates. However, the newly discovered vulnerabilities expose them to various attacks.

Cybersecurity experts highlighted that attackers can inject specific data into the QR code used for accessing restricted areas. Consequently, they can gain unauthorized access to the terminal and physically access the restricted areas. When the terminal processes a request containing this type of malicious QR code, the database mistakenly identifies it as originating from the most recently authorized legitimate user.

“In addition to replacing the QR code, there is another intriguing physical attack vector. If someone with malicious intent gains access to the device’s database, they can exploit other vulnerabilities to download a legitimate user’s photo, print it, and use it to deceive the device’s camera to gain access to a secured area. This method, of course, has certain limitations. It requires a printed photo, and warmth detection must be turned off. However, it still poses a significant potential threat,” says Georgy Kiguradze, Senior Application Security Specialist at Kaspersky.

cybersecurity

Comments

Comments are closed.

Forex
World
Commodity

Currency	Rate
USD PKR Interbank Selling / Nov 21	278.03
USD PKR Interbank Buying / Nov 21	277.78
USD to Japanese Yen / Nov 21	154.92
USD to Swiss Franc / Nov 21	0.88
Pound Sterling to USD / Nov 21	1.26
Euro to USD / Nov 21	1.05

Stock	Volume
S&P 500 / Nov 20	5,917.11
Nasdaq / Nov 20	18,966.14
Dow Jones / Nov 20	43,408.47
India Sensex / Nov 21	77,137.20
Tokyo Nikkei / Nov 21	38,026.17
Hang Seng / Nov 21	19,620.49
FTSE 100 / Nov 21	8,069.57
Germany DAX 30 / Nov 21	18,942.65

Item	Value
Petrol/Litre / Nov 21	248.38
Crude Oil USD/Barrel / Nov 21	69.38
Karachi Cotton PKR/37.32 KG / Nov 21	17,785
Gold 10 Grams PKR / Nov 21	238,340
Gold Spot USD/Ounce / Nov 21	2,662.71
Diesel/Litre / Nov 21	255.14

Gainers
Losers
Leaders

Stock	Price
786 Invest Ltd / Nov 21 786 Investments Limited(786)	7.11 ▼ 0.00 (0.00%)
AL-Abbas Sugar / Nov 21 Al-Abbas Sugar Mills Limited(AABS)	611.40 ▼ 0.00 (0.00%)
Agro Allianz / Nov 21 Agro Allianz Limited(AAL)	16 ▼ 0.00 (0.00%)
AL-Abid Silk / Nov 21 Al-Abid Silk Mills Limited(AASM)	3.49 ▼ 0.00 (0.00%)
Ali Asghar / Nov 21 Ali Asghar Textile Mills Limited(AATM)	63.60 ▼ 0.00 (0.00%)
Allied Bank / Nov 21 Allied Bank Limited(ABL)	114.42 ▼ 0.00 (0.00%)
Abbott Lab. / Nov 21 Abbott Laboratories (Pakistan) Limited(ABOT)	1,048.22 ▼ 0.00 (0.00%)
Abson Ind. / Nov 21 Abson Industries Limited(ABSON)	2.50 ▼ 0.00 (0.00%)
Alfalah ETF. / Nov 21 Alfalah Consumer Index ETF.(ACIETF)	12.32 ▼ 0.00 (0.00%)

Stock	Price
786 Invest Ltd / Nov 21 786 Investments Limited(786)	7.11 ▲ 0.00 (0.00%)
AL-Abbas Sugar / Nov 21 Al-Abbas Sugar Mills Limited(AABS)	611.40 ▲ 0.00 (0.00%)
Agro Allianz / Nov 21 Agro Allianz Limited(AAL)	16 ▲ 0.00 (0.00%)
AL-Abid Silk / Nov 21 Al-Abid Silk Mills Limited(AASM)	3.49 ▲ 0.00 (0.00%)
Ali Asghar / Nov 21 Ali Asghar Textile Mills Limited(AATM)	63.60 ▲ 0.00 (0.00%)
Allied Bank / Nov 21 Allied Bank Limited(ABL)	114.42 ▲ 0.00 (0.00%)
Abbott Lab. / Nov 21 Abbott Laboratories (Pakistan) Limited(ABOT)	1,048.22 ▲ 0.00 (0.00%)
Abson Ind. / Nov 21 Abson Industries Limited(ABSON)	2.50 ▲ 0.00 (0.00%)
Alfalah ETF. / Nov 21 Alfalah Consumer Index ETF.(ACIETF)	12.32 ▲ 0.00 (0.00%)

Stock	Volume
K-Electric Ltd. / Nov 21 K-Electric Limited(KEL)	174,389,145 ▲ 0.00
Hascol Petrol / Nov 21 Hascol Petroleum Limited(HASCOL)	63,973,243 ▲ 0.00
Kohinoor Spining / Nov 21 Kohinoor Spinning Mills Limited(KOSM)	62,996,737 ▲ 0.00
Aisha Steel Mill / Nov 21 Aisha Steel Mills Limited(ASL)	48,137,561 ▲ 0.00
Waves Home Appliances / Nov 21 Waves Home Appliances Limited(WAVESAPP)	43,506,391 ▲ 0.00
Lotte Chemical / Nov 21 Lotte Chemical Pakistan Limited(LOTCHEM)	40,852,960 ▲ 0.00
Telecard Limited / Nov 21 Telecard Limited(TELE)	36,937,252 ▲ 0.00
Cnergyico PK / Nov 21 Cnergyico PK Limited(CNERGY)	31,401,025 ▲ 0.00
WorldCall Telecom / Nov 21 Worldcall Telecom Limited(WTL)	31,346,592 ▲ 0.00