Researchers detail GoFetch, a new side-channel attack impacting Apple CPUs that could allow an attacker to obtain secret keys. The post New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys appeared first on SecurityWeek.
...moreTotal Articles Found: 45
Top sources:
Top Keywords:
Top Authors
Top Articles:
Published: 2024-03-22 10:42:36
Popularity: 16
Author: Eduard Kovacs
Keywords:
Researchers detail GoFetch, a new side-channel attack impacting Apple CPUs that could allow an attacker to obtain secret keys. The post New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys appeared first on SecurityWeek.
...morePublished: 2024-01-31 12:51:52
Popularity: 20
Author: Eduard Kovacs
Keywords:
Over a dozen vulnerabilities discovered in Tor audit, including a high-risk flaw that can be exploited to inject arbitrary bridges. The post Tor Code Audit Finds 17 Vulnerabilities appeared first on SecurityWeek.
...morePublished: 2023-05-05 08:33:00
Popularity: 10
Author: Eduard Kovacs
Keywords:
Google’s latest Android security updates patch over 40 vulnerabilities, including CVE-2023-0266, a kernel flaw exploited as a zero-day by a spyware vendor. The post Android Security Update Patches Kernel Vulnerability Exploited by Spyware Vendor appeared first on SecurityWeek.
...morePublished: 2022-12-28 11:09:56
Popularity: 47
Author: Eduard Kovacs
Keywords:
As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States. read more
...morePublished: 2023-01-03 11:39:44
Popularity: 11
Author: Eduard Kovacs
Keywords:
Chinese tech giant Huawei patched nearly 300 vulnerabilities in its HarmonyOS operating system in 2022. read more
...morePublished: 2022-12-12 12:21:29
Popularity: 12
Author: Eduard Kovacs
Keywords:
At least two lawsuits have been filed against Texas-based cloud company Rackspace over the recently disclosed ransomware attack. read more
...morePublished: 2022-10-19 10:18:02
Popularity: 14
Author: Eduard Kovacs
Keywords:
Google last week unveiled a new project focused on building a secure embedded platform for machine learning (ML) applications. The project’s goal is designing intelligent ambient ML systems that are secure and trustworthy. read more
...morePublished: 2022-10-19 11:31:39
Popularity: 16
Author: Eduard Kovacs
Keywords:
WordPress 6.0.3 started rolling out this week. The latest security release patches 16 vulnerabilities. read more
...morePublished: 2022-08-23 11:29:19
Popularity: 27
Author: Eduard Kovacs
Keywords:
A security firm has disclosed the details of an issue affecting a CrowdStrike product after what it described as a ‘ridiculous vulnerability disclosure process’. CrowdStrike has provided some clarifications following the disclosure. read more
...morePublished: 2022-08-15 13:30:49
Popularity: 8
Author: Eduard Kovacs
Keywords:
Bootloaders present in a majority of computers made in the past 10 years are affected by Secure Boot bypass vulnerabilities, according to firmware security company Eclypsium. read more
...morePublished: 2022-08-12 10:23:58
Popularity: 11
Author: Eduard Kovacs
Keywords:
Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas. read more
...morePublished: 2022-08-02 10:30:19
Popularity: 14
Author: Eduard Kovacs
Keywords:
Google on Monday published a security bulletin describing the latest round of patches for the Android operating system. Three dozen vulnerabilities have been fixed, including a critical issue that can be exploited for remote code execution over Bluetooth. read more
...morePublished: 2022-07-13 20:02:47
Popularity: 19
Author: Eduard Kovacs
Keywords:
Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution. read more
...morePublished: 2022-06-28 13:01:05
Popularity: 12
Author: Eduard Kovacs
Keywords:
Cloud security company Wiz has announced the launch of a new database whose goal is to keep track of vulnerabilities and other security issues affecting cloud services. read more
...morePublished: 2022-06-02 15:00:17
Popularity: 10
Author: Eduard Kovacs
Keywords:
Millions of budget smartphones that use UNISOC chipsets could have their communications remotely disrupted by hackers due to a critical vulnerability discovered recently by researchers at cybersecurity firm Check Point. read more
...morePublished: 2022-05-25 10:37:49
Popularity: 12
Author: Eduard Kovacs
Keywords:
Google’s Project Zero has disclosed the details of a zero-click remote code execution exploit targeting the Zoom video conferencing software. read more
...morePublished: 2022-03-10 11:55:14
Popularity: 18
Author: Eduard Kovacs
Keywords:
A team of researchers from the Vrije Universiteit Amsterdam in the Netherlands has demonstrated a new Spectre attack variant that can bypass hardware mitigations implemented in recent years by Intel and Arm. read more
...morePublished: 2022-02-13 18:01:12
Popularity: 15
Author: Eduard Kovacs
Keywords:
Adobe released an emergency advisory on Sunday to inform Commerce and Magento users of a critical zero-day vulnerability that has been exploited in attacks. read more
...morePublished: 2021-12-27 11:33:20
Popularity: 10
Author: Eduard Kovacs
Keywords:
Schneider Electric has patched several new vulnerabilities that expose its EVlink electric vehicle charging stations to remote hacker attacks. read more
...morePublished: 2021-10-15 11:07:26
Popularity: 18
Author: Eduard Kovacs
Keywords:
Researchers have disclosed the details of new timing and power-based side-channel attacks that affect all CPUs made by AMD, but the chipmaker says no new mitigations are necessary. read more
...morePublished: 2021-09-02 10:47:16
Popularity: 7
Author: Eduard Kovacs
Keywords:
Hackers started exploiting a vulnerability in Atlassian’s Confluence enterprise collaboration product just one week after the availability of a patch was announced. read more
...morePublished: 2021-08-06 15:08:13
Popularity: 14
Author: Eduard Kovacs
Keywords:
A new domain name system (DNS) attack method that involves registering a domain with a specific name can be leveraged for what researchers described as “nation-state level spying.” read more
...morePublished: 2021-07-21 10:03:49
Popularity: 13
Author: Eduard Kovacs
Keywords:
Security updates released by Adobe on Tuesday for seven of its products patch a total of 21 vulnerabilities, including 15 flaws that have been assigned a critical severity rating. read more
...morePublished: 2021-06-16 13:37:47
Popularity: 12
Author: Eduard Kovacs
Keywords:
Google this week announced that it has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption (FHE). read more
...morePublished: 2021-06-11 13:09:45
Popularity: 12
Author: Eduard Kovacs
Keywords:
GitHub this week disclosed the details of an easy-to-exploit Linux vulnerability that can be leveraged to escalate privileges to root on the targeted system. The flaw, classified as high severity and tracked as CVE-2021-3560, impacts polkit, an authorization service that is present by default in many Linux distributions. read more
...morePublished: 2021-05-26 14:29:30
Popularity: 9
Author: Eduard Kovacs
Keywords:
VMware has urged customers to immediately patch a critical vulnerability affecting vCenter Server, the management interface for vSphere environments. The vulnerability, tracked as CVE-2021-21985, was reported to VMware by Ricter Z of 360 Noah Lab and it has been patched in versions 6.5, 6.7 and 7.0 of vCenter Server. read more
...morePublished: 2021-04-08 11:13:54
Popularity: 47
Author: Eduard Kovacs
Keywords:
Two researchers earned $200,000 on the second day of the Pwn2Own 2021 hacking competition for a Zoom exploit allowing remote code execution without user interaction. read more
...morePublished: 2021-02-17 15:24:26
Popularity: 28
Author: Eduard Kovacs
Keywords:
Researchers at cybersecurity firm FireEye have analyzed a gateway device used for solar energy installations, and discovered vulnerabilities that could be useful to malicious hackers. read more
...morePublished: 2021-02-09 18:29:39
Popularity: 24
Author: Eduard Kovacs
Keywords:
Adobe on Tuesday announced the availability of patches for 50 vulnerabilities across six of its products, including a zero-day vulnerability in Reader that has been exploited in the wild. read more
...morePublished: 2021-02-17 09:31:00
Popularity: 36
Author: Eduard Kovacs
Keywords:
read more
...morePublished: 2021-01-27 09:49:45
Popularity: 54
Author: Eduard Kovacs
Keywords:
Trend Micro’s Zero Day Initiative (ZDI) on Tuesday announced the targets, prizes and rules for the Pwn2Own Vancouver 2021 hacking competition, a hybrid event scheduled to take place on April 6-8. read more
...morePublished: 2020-09-14 12:18:11
Popularity: 44
Author: Eduard Kovacs
Keywords:
Researchers have disclosed the details of several potentially serious vulnerabilities affecting MobileIron’s mobile device management (MDM) solutions, including a flaw that can be exploited by an unauthenticated attacker for remote code execution on affected servers. read more
...morePublished: 2020-09-08 18:07:19
Popularity: 24
Author: Eduard Kovacs
Keywords:
Adobe on Tuesday informed customers that it has patched a total of 18 vulnerabilities across its Experience Manager (AEM), FrameMaker and InDesign products. read more
...morePublished: 2020-08-07 19:11:40
Popularity: 100
Author: Eduard Kovacs
Keywords:
read more
...morePublished: 2020-06-10 03:32:35
Popularity: 29
Author: Eduard Kovacs
Keywords:
Microsoft’s security updates for June 2020 patch 129 vulnerabilities, including 11 critical remote code execution flaws affecting Windows, the Edge and Internet Explorer browsers, and SharePoint. read more
...morePublished: 2020-03-26 19:55:19
Popularity: 49
Author: Eduard Kovacs
Keywords:
Proton Technologies, the company behind the privacy-focused ProtonMail and ProtonVPN services, this week disclosed the existence of a vulnerability in Apple’s iOS mobile operating system that prevents VPN applications from encrypting all traffic. read more
...morePublished: 2020-03-13 15:21:36
Popularity: 72
Author: Eduard Kovacs
Keywords:
VMware has patched three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that can be exploited to execute arbitrary code on the host from the guest operating system. The critical flaw, tracked as CVE-2020-3947, is caused by a use-after-free bug in the vmnetdhcp component. read more
...morePublished: 2020-02-17 15:44:34
Popularity: 41
Author: Eduard Kovacs
Keywords:
A serious vulnerability found in a WordPress themes plugin with over 200,000 active installations can be exploited to wipe a website’s database and gain administrator access to the site. read more
...morePublished: 2019-09-27 11:33:27
Popularity: 76
Author: Eduard Kovacs
Keywords:
A new variant of a recently disclosed SIM card attack method could expose millions of mobile phones to remote hacking, researchers have warned. read more
...morePublished: 2019-08-15 18:04:13
Popularity: 38
Author: Eduard Kovacs
Keywords:
The latest update released by Mozilla for Firefox patches a vulnerability that can be exploited to bypass the master password of the built-in password manager and obtain stored passwords. read more
...morePublished: 2019-06-14 14:16:23
Popularity: 51
Author: Eduard Kovacs
Keywords:
CyberMDX, a research and analysis company specializing in medical device security, on Thursday revealed that its employees identified two serious vulnerabilities in infusion therapy products from medical technology firm BD. read more
...morePublished: 2019-05-15 14:29:55
Popularity: 64
Author: Eduard Kovacs
Keywords:
read more
...morePublished: 2019-04-26 13:55:06
Popularity: 153
Author: Eduard Kovacs
Keywords:
Cisco’s Talos research and intelligence group on Thursday disclosed the details of nearly a dozen vulnerabilities uncovered in Sierra Wireless AirLink devices, including serious flaws that can be exploited to change system settings, execute arbitrary code, and modify passwords. read more
...morePublished: 2024-05-21 10:25:29
Popularity: 29
Author: Eduard Kovacs
Keywords:
The EPA has issued an enforcement alert, outlining the steps needed to comply with the Safe Drinking Water Act. The post EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems appeared first on SecurityWeek.
...morePublished: 2024-07-31 08:51:48
Popularity: 22
Author: Eduard Kovacs
Keywords:
Zscaler is aware of a company that paid a record-breaking $75 million ransom to the Dark Angels ransomware group. The post Company Paid Record-Breaking $75 Million to Ransomware Group: Report appeared first on SecurityWeek.
...more