Summary

Total Articles Found: 20

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • Report: TikTok Harvested MAC Addresses By Exploiting Android Loophole
  • Researchers Find Exploitable Bugs in Mercedes-Benz Cars
  • North Korean .Gov Hackers Back With Fake Pen-Test Company
  • No Patch for VPN Bypass Flaw Discovered in iOS
  • Adobe: Critical Flaws in Reader, Acrobat, Illustrator
  • Google Warns of Exploited Zero-Days in Chrome Browser
  • Project Zero Flags High-Risk Zoom Security Flaw
  • Adobe Patches Gaping Security Holes in Acrobat, Reader, Photoshop
  • Software Supply Chain Weakness: Snyk Warns of 'Deliberate Sabotage' of NPM Ecosystem
  • New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys 

New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys 

Published: 2024-03-22 10:42:36

Popularity: 16

Author: Eduard Kovacs

Keywords:

  • Data Protection
  • Apple
  • CPU vulnerability
  • Featured
  • side-channel attack
  • Researchers detail GoFetch, a new side-channel attack impacting Apple CPUs that could allow an attacker to obtain secret keys. The post New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys  appeared first on SecurityWeek.

    ...more

    NIST to Retire 27-Year-Old SHA-1 Cryptographic Algorithm

    Published: 2022-12-16 15:19:08

    Popularity: 14

    Author: Ionut Arghire

    Keywords:

  • NEWS & INDUSTRY
  • Data Protection
  • Management & Strategy
  • The US National Institute of Standards and Technology (NIST) this week recommended that IT professionals replace the SHA-1 cryptographic algorithm with newer, more secure ones. read more

    ...more

    Google Open Sources 'Paranoid' Crypto Testing Library

    Published: 2022-08-25 13:45:51

    Popularity: 8

    Author: Ionut Arghire

    Keywords:

  • NEWS & INDUSTRY
  • Application Security
  • Data Protection
  • 🤖: "Crypto fails"

    Google has officially announced the open sourcing of ‘Paranoid’, a project for identifying well-known weaknesses in cryptographic artifacts. read more

    ...more

    Black Hat USA 2022 - Announcements Summary

    Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas. read more

    ...more

    Report: L3 Emerges as Suitor for Embattled NSO Group

    🤖: "Spy game 😏"

    L3 Technologies, a U.S. government contractor that sells aerospace and defense technology, has emerged as a suitor for Israeli exploit merchant NSO Group. read more

    ...more

    Adobe Patches Gaping Security Holes in Acrobat, Reader, Photoshop

    🤖: "security alert"

    Adobe's security update engine revved into overdrive this month with the release of patches for at least 78 documented software vulnerabilities, some serious enough to expose corporate customers to remote code execution attacks. read more

    ...more

    Software Supply Chain Weakness: Snyk Warns of 'Deliberate Sabotage' of NPM Ecosystem

    Software supply chain security fears escalated again this week with the discovery of what’s being described as "deliberate sabotage" of code in the open-source npm package manager ecosystem. read more

    ...more

    Project Zero Flags High-Risk Zoom Security Flaw

    Video conferencing software giant Zoom has shipped patches for a pair of security defects that expose Windows, macOS, Linux, iOS and Android users to malicious hacker attacks. read more

    ...more

    GitHub Confirms Another Major NPM Security Defect

    Microsoft-owned GitHub is again flagging major security problems in the npm registry, warning that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. read more

    ...more

    Blacksmith: Rowhammer Fuzzer Bypasses Existing Protections

    🤖: "Hammer time crashes"

    A group of security researchers devised a new attack that completely bypasses the existing mitigations against the Rowhammer vulnerability in dynamic random-access memory (DRAM) chips. read more

    ...more

    Akamai to Acquire Guardicore in $600M Zero Trust Tech Deal

    Edge security and content delivery giant Akamai Technologies on Wednesday announced plans to spend $600 million to acquire Guardicore, an Israeli micro-segmentation technology startup. Akamai said the deal would add new capabilities to help customers thwart ransomware attacks by blocking the spread of malware within an already-compromised enterprise. read more

    ...more

    Apple Confirms New Zero-Day Attacks on Older iPhones

    Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform. read more

    ...more

    Google Warns of Exploited Zero-Days in Chrome Browser

    🤖: "Zero Day Alert"

    Google has joined the list of major software providers scrambling to respond to zero-day exploits in the wild. read more

    ...more

    Adobe Plugs Critical Photoshop Security Flaws

    🤖: "Photoshop fail"

    Adobe has issued a warning for a pair of major security vulnerabilities affecting its popular Photoshop image manipulation software. The flaws, rated critical, expose both Windows and MacOS users to code execution attacks, Adobe said in an advisory released Tuesday. read more

    ...more

    Adobe: Critical Flaws in Reader, Acrobat, Illustrator

    🤖: "Crashing software"

    Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application. read more

    ...more

    Google Releases Open Source Tools and Libraries for Fully Homomorphic Encryption

    Published: 2021-06-16 13:37:47

    Popularity: 12

    Author: Eduard Kovacs

    Keywords:

  • NEWS & INDUSTRY
  • Data Protection
  • 🤖: "crypto secrets"

    Google this week announced that it has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption (FHE). read more

    ...more

    Researchers Find Exploitable Bugs in Mercedes-Benz Cars

    🤖: "car hack"

    Following an eight-month audit of the code in the latest infotainment system in Mercedes-Benz cars, security researchers with Tencent Security Keen Lab identified five vulnerabilities, four of which could be exploited for remote code execution. read more

    ...more

    North Korean .Gov Hackers Back With Fake Pen-Test Company

    A North Korean government-backed APT group has been caught using a fake pen-testing company and a range of sock puppet social media accounts in an escalation of a hacking campaign targeting security research professionals. read more

    ...more

    Report: TikTok Harvested MAC Addresses By Exploiting Android Loophole

    The ongoing controversies surrounding TikTok hit a new gear on Thursday with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google. read more

    ...more

    No Patch for VPN Bypass Flaw Discovered in iOS

    Published: 2020-03-26 19:55:19

    Popularity: 49

    Author: Eduard Kovacs

    Keywords:

  • Mobile Security
  • NEWS & INDUSTRY
  • Privacy
  • Vulnerabilities
  • Data Protection
  • Mobile & Wireless
  • Privacy & Compliance
  • 🤖: ""VPN fail""

    Proton Technologies, the company behind the privacy-focused ProtonMail and ProtonVPN services, this week disclosed the existence of a vulnerability in Apple’s iOS mobile operating system that prevents VPN applications from encrypting all traffic. read more

    ...more

    end