Summary

Total Articles Found: 45

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • Cisco Finds Serious Flaws in Sierra Wireless AirLink Devices
  • Chinese Researchers Show How They Remotely Hacked a Mercedes-Benz
  • Researchers Disclose Another SIM Card Attack Possibly Impacting Millions
  • Critical Flaw in VMware Workstation, Fusion Allows Code Execution on Host From Guest
  • Intel MDS Vulnerabilities: What You Need to Know
  • Pwn2Own 2021: Hackers Offered $200,000 for Zoom, Microsoft Teams Exploits
  • Vulnerabilities Expose BD Infusion Therapy Devices to Attacks
  • No Patch for VPN Bypass Flaw Discovered in iOS
  • EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer
  • $200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own

New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys 

Published: 2024-03-22 10:42:36

Popularity: 16

Author: Eduard Kovacs

Keywords:

  • Data Protection
  • Apple
  • CPU vulnerability
  • Featured
  • side-channel attack
  • Researchers detail GoFetch, a new side-channel attack impacting Apple CPUs that could allow an attacker to obtain secret keys. The post New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys  appeared first on SecurityWeek.

    ...more

    Tor Code Audit Finds 17 Vulnerabilities

    Published: 2024-01-31 12:51:52

    Popularity: 20

    Author: Eduard Kovacs

    Keywords:

  • Application Security
  • Vulnerabilities
  • audit
  • Tor
  • Over a dozen vulnerabilities discovered in Tor audit, including a high-risk flaw that can be exploited to inject arbitrary bridges.  The post Tor Code Audit Finds 17 Vulnerabilities appeared first on SecurityWeek.

    ...more

    Android Security Update Patches Kernel Vulnerability Exploited by Spyware Vendor

    Published: 2023-05-05 08:33:00

    Popularity: 10

    Author: Eduard Kovacs

    Keywords:

  • Mobile & Wireless
  • Vulnerabilities
  • Android
  • Zero-Day
  • Google’s latest Android security updates patch over 40 vulnerabilities, including CVE-2023-0266, a kernel flaw exploited as a zero-day by a spyware vendor. The post Android Security Update Patches Kernel Vulnerability Exploited by Spyware Vendor appeared first on SecurityWeek.

    ...more

    EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer

    Published: 2022-12-28 11:09:56

    Popularity: 47

    Author: Eduard Kovacs

    Keywords:

  • Mobile Security
  • NEWS & INDUSTRY
  • Privacy
  • Mobile & Wireless
  • Privacy & Compliance
  • As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States. read more

    ...more

    Nearly 300 Vulnerabilities Patched in Huawei's HarmonyOS in 2022

    Published: 2023-01-03 11:39:44

    Popularity: 11

    Author: Eduard Kovacs

    Keywords:

  • Mobile Security
  • NEWS & INDUSTRY
  • Vulnerabilities
  • Mobile & Wireless
  • Chinese tech giant Huawei patched nearly 300 vulnerabilities in its HarmonyOS operating system in 2022. read more

    ...more

    Rackspace Hit With Lawsuits Over Ransomware Attack

    Published: 2022-12-12 12:21:29

    Popularity: 12

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Incident Response
  • Cybercrime
  • Management & Strategy
  • At least two lawsuits have been filed against Texas-based cloud company Rackspace over the recently disclosed ransomware attack. read more

    ...more

    Google Unveils KataOS 'Verifiably-Secure' Operating System for Embedded Devices

    Published: 2022-10-19 10:18:02

    Popularity: 14

    Author: Eduard Kovacs

    Keywords:

  • Endpoint Security
  • NEWS & INDUSTRY
  • IoT Security
  • Google last week unveiled a new project focused on building a secure embedded platform for machine learning (ML) applications. The project’s goal is designing intelligent ambient ML systems that are secure and trustworthy. read more

    ...more

    WordPress Security Update 6.0.3 Patches 16 Vulnerabilities

    Published: 2022-10-19 11:31:39

    Popularity: 16

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • WordPress 6.0.3 started rolling out this week. The latest security release patches 16 vulnerabilities. read more

    ...more

    Security Firm Discloses CrowdStrike Issue After 'Ridiculous Disclosure Process'

    Published: 2022-08-23 11:29:19

    Popularity: 27

    Author: Eduard Kovacs

    Keywords:

  • Endpoint Security
  • NEWS & INDUSTRY
  • Vulnerabilities
  • 🤖: "Cyber Oops"

    A security firm has disclosed the details of an issue affecting a CrowdStrike product after what it described as a ‘ridiculous vulnerability disclosure process’. CrowdStrike has provided some clarifications following the disclosure. read more

    ...more

    Secure Boot Bypass Flaws Affect Bootloaders of Many Devices Made in Past Decade

    Published: 2022-08-15 13:30:49

    Popularity: 8

    Author: Eduard Kovacs

    Keywords:

  • Endpoint Security
  • NEWS & INDUSTRY
  • Vulnerabilities
  • 🤖: "Bootjacked"

    Bootloaders present in a majority of computers made in the past 10 years are affected by Secure Boot bypass vulnerabilities, according to firmware security company Eclypsium. read more

    ...more

    Black Hat USA 2022 - Announcements Summary

    Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas. read more

    ...more

    Google Patches Critical Android Flaw Allowing Remote Code Execution via Bluetooth

    Published: 2022-08-02 10:30:19

    Popularity: 14

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • Google on Monday published a security bulletin describing the latest round of patches for the Android operating system. Three dozen vulnerabilities have been fixed, including a critical issue that can be exploited for remote code execution over Bluetooth. read more

    ...more

    Lenovo Patches UEFI Code Execution Vulnerability Affecting Many Laptops

    Published: 2022-07-13 20:02:47

    Popularity: 19

    Author: Eduard Kovacs

    Keywords:

  • Endpoint Security
  • NEWS & INDUSTRY
  • Vulnerabilities
  • 🤖: ""UEFI bugger""

    Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution. read more

    ...more

    New Database Catalogs Cloud Vulnerabilities, Security Issues

    Published: 2022-06-28 13:01:05

    Popularity: 12

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Risk Management
  • Cloud Security
  • Vulnerabilities
  • Management & Strategy
  • Cloud security company Wiz has announced the launch of a new database whose goal is to keep track of vulnerabilities and other security issues affecting cloud services. read more

    ...more

    Millions of Budget Smartphones With UNISOC Chips Vulnerable to Remote DoS Attacks

    Published: 2022-06-02 15:00:17

    Popularity: 10

    Author: Eduard Kovacs

    Keywords:

  • Mobile Security
  • NEWS & INDUSTRY
  • Wireless Security
  • Vulnerabilities
  • Mobile & Wireless
  • 🤖: ""bugged phones""

    Millions of budget smartphones that use UNISOC chipsets could have their communications remotely disrupted by hackers due to a critical vulnerability discovered recently by researchers at cybersecurity firm Check Point. read more

    ...more

    Google Discloses Details of Zoom Zero-Click Remote Code Execution Exploit

    Published: 2022-05-25 10:37:49

    Popularity: 12

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • Google’s Project Zero has disclosed the details of a zero-click remote code execution exploit targeting the Zoom video conferencing software. read more

    ...more

    New Variant of Spectre Attack Bypasses Intel and Arm Hardware Mitigations

    Published: 2022-03-10 11:55:14

    Popularity: 18

    Author: Eduard Kovacs

    Keywords:

  • Endpoint Security
  • NEWS & INDUSTRY
  • Vulnerabilities
  • 🤖: ""Spectre strikes again""

    A team of researchers from the Vrije Universiteit Amsterdam in the Netherlands has demonstrated a new Spectre attack variant that can bypass hardware mitigations implemented in recent years by Intel and Arm. read more

    ...more

    Adobe Releases Emergency Patch for Exploited Commerce Zero-Day

    Published: 2022-02-13 18:01:12

    Popularity: 15

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Virus & Threats
  • Virus & Malware
  • Cybercrime
  • Adobe released an emergency advisory on Sunday to inform Commerce and Magento users of a critical zero-day vulnerability that has been exploited in attacks. read more

    ...more

    New Flaws Expose EVlink Electric Vehicle Charging Stations to Remote Hacking

    Published: 2021-12-27 11:33:20

    Popularity: 10

    Author: Eduard Kovacs

    Keywords:

  • ICS/OT
  • NEWS & INDUSTRY
  • Vulnerabilities
  • IoT Security
  • 🤖: ""Charging hacked""

    Schneider Electric has patched several new vulnerabilities that expose its EVlink electric vehicle charging stations to remote hacker attacks. read more

    ...more

    Researchers Disclose New Side-Channel Attacks Affecting All AMD CPUs

    Published: 2021-10-15 11:07:26

    Popularity: 18

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • Researchers have disclosed the details of new timing and power-based side-channel attacks that affect all CPUs made by AMD, but the chipmaker says no new mitigations are necessary. read more

    ...more

    Recently Patched Confluence Vulnerability Exploited in the Wild

    Published: 2021-09-02 10:47:16

    Popularity: 7

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Virus & Threats
  • Vulnerabilities
  • Cybercrime
  • Hackers started exploiting a vulnerability in Atlassian’s Confluence enterprise collaboration product just one week after the availability of a patch was announced. read more

    ...more

    New DNS Attack Enables 'Nation-State Level Spying' via Domain Registration

    Published: 2021-08-06 15:08:13

    Popularity: 14

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • A new domain name system (DNS) attack method that involves registering a domain with a specific name can be leveraged for what researchers described as “nation-state level spying.” read more

    ...more

    Adobe Patches 21 Vulnerabilities Across Seven Products

    Published: 2021-07-21 10:03:49

    Popularity: 13

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • 🤖: ""Patch party""

    Security updates released by Adobe on Tuesday for seven of its products patch a total of 21 vulnerabilities, including 15 flaws that have been assigned a critical severity rating. read more

    ...more

    Google Releases Open Source Tools and Libraries for Fully Homomorphic Encryption

    Published: 2021-06-16 13:37:47

    Popularity: 12

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Data Protection
  • 🤖: "crypto secrets"

    Google this week announced that it has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption (FHE). read more

    ...more

    GitHub Discloses Details of Easy-to-Exploit Linux Vulnerability

    Published: 2021-06-11 13:09:45

    Popularity: 12

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • 🤖: ""Linux pwned""

    GitHub this week disclosed the details of an easy-to-exploit Linux vulnerability that can be leveraged to escalate privileges to root on the targeted system. The flaw, classified as high severity and tracked as CVE-2021-3560, impacts polkit, an authorization service that is present by default in many Linux distributions. read more

    ...more

    VMware Urges Customers to Immediately Patch Critical vSphere Vulnerability

    Published: 2021-05-26 14:29:30

    Popularity: 9

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • 🤖: "patch party fail"

    VMware has urged customers to immediately patch a critical vulnerability affecting vCenter Server, the management interface for vSphere environments. The vulnerability, tracked as CVE-2021-21985, was reported to VMware by Ricter Z of 360 Noah Lab and it has been patched in versions 6.5, 6.7 and 7.0 of vCenter Server. read more

    ...more

    $200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own

    Published: 2021-04-08 11:13:54

    Popularity: 47

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • Two researchers earned $200,000 on the second day of the Pwn2Own 2021 hacking competition for a Zoom exploit allowing remote code execution without user interaction. read more

    ...more

    Research Shows How Solar Energy Installations Can Be Abused by Hackers

    Published: 2021-02-17 15:24:26

    Popularity: 28

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • IoT Security
  • Researchers at cybersecurity firm FireEye have analyzed a gateway device used for solar energy installations, and discovered vulnerabilities that could be useful to malicious hackers. read more

    ...more

    Adobe Patches Reader Vulnerability Exploited in the Wild

    Published: 2021-02-09 18:29:39

    Popularity: 24

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Virus & Threats
  • Vulnerabilities
  • Cybercrime
  • Adobe on Tuesday announced the availability of patches for 50 vulnerabilities across six of its products, including a zero-day vulnerability in Reader that has been exploited in the wild. read more

    ...more

    Three New Vulnerabilities Patched in OpenSSL

    Published: 2021-02-17 09:31:00

    Popularity: 36

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • read more

    ...more

    Pwn2Own 2021: Hackers Offered $200,000 for Zoom, Microsoft Teams Exploits

    Published: 2021-01-27 09:49:45

    Popularity: 54

    Author: Eduard Kovacs

    Keywords:

  • Endpoint Security
  • Network Security
  • NEWS & INDUSTRY
  • Application Security
  • Cloud Security
  • Vulnerabilities
  • IoT Security
  • Trend Micro’s Zero Day Initiative (ZDI) on Tuesday announced the targets, prizes and rules for the Pwn2Own Vancouver 2021 hacking competition, a hybrid event scheduled to take place on April 6-8. read more

    ...more

    Vulnerabilities Expose Thousands of MobileIron Servers to Remote Attacks

    Published: 2020-09-14 12:18:11

    Popularity: 44

    Author: Eduard Kovacs

    Keywords:

  • Mobile Security
  • NEWS & INDUSTRY
  • Vulnerabilities
  • Mobile & Wireless
  • Researchers have disclosed the details of several potentially serious vulnerabilities affecting MobileIron’s mobile device management (MDM) solutions, including a flaw that can be exploited by an unauthenticated attacker for remote code execution on affected servers. read more

    ...more

    Adobe Patches Critical Code Execution Flaws in AEM, FrameMaker, InDesign

    Published: 2020-09-08 18:07:19

    Popularity: 24

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • Adobe on Tuesday informed customers that it has patched a total of 18 vulnerabilities across its Experience Manager (AEM), FrameMaker and InDesign products. read more

    ...more

    Chinese Researchers Show How They Remotely Hacked a Mercedes-Benz

    Published: 2020-08-07 19:11:40

    Popularity: 100

    Author: Eduard Kovacs

    Keywords:

  • Mobile Security
  • NEWS & INDUSTRY
  • Wireless Security
  • Vulnerabilities
  • Mobile & Wireless
  • IoT Security
  • read more

    ...more

    Microsoft Patches Critical Code Execution Vulnerabilities in Windows, Browsers

    Published: 2020-06-10 03:32:35

    Popularity: 29

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • Microsoft’s security updates for June 2020 patch 129 vulnerabilities, including 11 critical remote code execution flaws affecting Windows, the Edge and Internet Explorer browsers, and SharePoint. read more

    ...more

    No Patch for VPN Bypass Flaw Discovered in iOS

    Published: 2020-03-26 19:55:19

    Popularity: 49

    Author: Eduard Kovacs

    Keywords:

  • Mobile Security
  • NEWS & INDUSTRY
  • Privacy
  • Vulnerabilities
  • Data Protection
  • Mobile & Wireless
  • Privacy & Compliance
  • 🤖: ""VPN fail""

    Proton Technologies, the company behind the privacy-focused ProtonMail and ProtonVPN services, this week disclosed the existence of a vulnerability in Apple’s iOS mobile operating system that prevents VPN applications from encrypting all traffic. read more

    ...more

    Critical Flaw in VMware Workstation, Fusion Allows Code Execution on Host From Guest

    Published: 2020-03-13 15:21:36

    Popularity: 72

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • 🤖: ""Vulnerable VMs""

    VMware has patched three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that can be exploited to execute arbitrary code on the host from the guest operating system. The critical flaw, tracked as CVE-2020-3947, is caused by a use-after-free bug in the vmnetdhcp component. read more

    ...more

    Flaw in WordPress Themes Plugin Allowed Hackers to Become Site Admin

    Published: 2020-02-17 15:44:34

    Popularity: 41

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • 🤖: ""Security breach""

    A serious vulnerability found in a WordPress themes plugin with over 200,000 active installations can be exploited to wipe a website’s database and gain administrator access to the site. read more

    ...more

    Researchers Disclose Another SIM Card Attack Possibly Impacting Millions

    Published: 2019-09-27 11:33:27

    Popularity: 76

    Author: Eduard Kovacs

    Keywords:

  • Mobile Security
  • NEWS & INDUSTRY
  • Vulnerabilities
  • Mobile & Wireless
  • A new variant of a recently disclosed SIM card attack method could expose millions of mobile phones to remote hacking, researchers have warned. read more

    ...more

    Vulnerability Patched in Firefox Password Manager

    Published: 2019-08-15 18:04:13

    Popularity: 38

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Identity & Access
  • Vulnerabilities
  • 🤖: "Browser blues"

    The latest update released by Mozilla for Firefox patches a vulnerability that can be exploited to bypass the master password of the built-in password manager and obtain stored passwords. read more

    ...more

    Vulnerabilities Expose BD Infusion Therapy Devices to Attacks

    Published: 2019-06-14 14:16:23

    Popularity: 51

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Vulnerabilities
  • IoT Security
  • 🤖: ""Infusion hack""

    CyberMDX, a research and analysis company specializing in medical device security, on Thursday revealed that its employees identified two serious vulnerabilities in infusion therapy products from medical technology firm BD. read more

    ...more

    Intel MDS Vulnerabilities: What You Need to Know

    read more

    ...more

    Cisco Finds Serious Flaws in Sierra Wireless AirLink Devices

    Published: 2019-04-26 13:55:06

    Popularity: 153

    Author: Eduard Kovacs

    Keywords:

  • Network Security
  • NEWS & INDUSTRY
  • SCADA / ICS
  • Vulnerabilities
  • Cisco’s Talos research and intelligence group on Thursday disclosed the details of nearly a dozen vulnerabilities uncovered in Sierra Wireless AirLink devices, including serious flaws that can be exploited to change system settings, execute arbitrary code, and modify passwords. read more

    ...more

    EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems

    Published: 2024-05-21 10:25:29

    Popularity: 29

    Author: Eduard Kovacs

    Keywords:

  • Government
  • ICS/OT
  • guidance
  • Water
  • The EPA has issued an enforcement alert, outlining the steps needed to comply with the Safe Drinking Water Act. The post EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems appeared first on SecurityWeek.

    ...more

    Company Paid Record-Breaking $75 Million to Ransomware Group: Report

    Published: 2024-07-31 08:51:48

    Popularity: 22

    Author: Eduard Kovacs

    Keywords:

  • Ransomware
  • Featured
  • ransom payment
  • ransomware
  • 🤖: "Ransomware alert"

    Zscaler is aware of a company that paid a record-breaking $75 million ransom to the Dark Angels ransomware group. The post Company Paid Record-Breaking $75 Million to Ransomware Group: Report appeared first on SecurityWeek.

    ...more

    end