Linkstrain-ng Slideshow

🤖: ""Boot fail""

A vulnerability impacting multiple Acer laptop models could allow an attacker to disable the Secure Boot feature and bypass security protections to install malware. read more

...more

Google Unveils KataOS 'Verifiably-Secure' Operating System for Embedded Devices

Published: 2022-10-19 10:18:02

Popularity: 14

Author: Eduard Kovacs

Keywords:

IoT Security

Google last week unveiled a new project focused on building a secure embedded platform for machine learning (ML) applications. The project’s goal is designing intelligent ambient ML systems that are secure and trustworthy. read more

...more

'DirtyCred' Vulnerability Haunting Linux Kernel for 8 Years

Published: 2022-08-23 12:35:00

Popularity: 9

Author: Ionut Arghire

Keywords:

🤖: "buggy kernel"

Academic researchers from Northwestern University have shared details on ‘DirtyCred’, a previously unknown privilege escalation vulnerability affecting the Linux kernel. read more

...more

Security Firm Discloses CrowdStrike Issue After 'Ridiculous Disclosure Process'

Published: 2022-08-23 11:29:19

Popularity: 27

Author: Eduard Kovacs

Keywords:

🤖: "Cyber Oops"

A security firm has disclosed the details of an issue affecting a CrowdStrike product after what it described as a ‘ridiculous vulnerability disclosure process’. CrowdStrike has provided some clarifications following the disclosure. read more

...more

Secure Boot Bypass Flaws Affect Bootloaders of Many Devices Made in Past Decade

Published: 2022-08-15 13:30:49

Popularity: 8

Author: Eduard Kovacs

Keywords:

🤖: "Bootjacked"

Bootloaders present in a majority of computers made in the past 10 years are affected by Secure Boot bypass vulnerabilities, according to firmware security company Eclypsium. read more

...more

Lenovo Patches UEFI Code Execution Vulnerability Affecting Many Laptops

Published: 2022-07-13 20:02:47

Popularity: 19

Author: Eduard Kovacs

Keywords:

🤖: ""UEFI bugger""

Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution. read more

...more

Microsoft Confirms Temporary Rollback of Macro Blocking Feature

Published: 2022-07-11 17:50:26

Popularity: 10

Author: Ionut Arghire

Keywords:

Microsoft has confirmed that the recent rollback of a feature related to the blocking of internet macros in its Office suite is only temporary. read more

...more

Report: L3 Emerges as Suitor for Embattled NSO Group

Published: 2022-06-14 16:18:52

Popularity: 9

Author: Ryan Naraine

Keywords:

🤖: "Spy game 😏"

L3 Technologies, a U.S. government contractor that sells aerospace and defense technology, has emerged as a suitor for Israeli exploit merchant NSO Group. read more

...more

Firmware Flaws Allow Disabling Secure Boot on Lenovo Laptops

Published: 2022-04-19 18:46:07

Popularity: 14

Author: Ionut Arghire

Keywords:

🤖: "Boot fail"

Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models. read more

...more

Adobe Patches Gaping Security Holes in Acrobat, Reader, Photoshop

Published: 2022-04-12 17:36:50

Popularity: 21

Author: Ryan Naraine

Keywords:

🤖: "security alert"

Adobe's security update engine revved into overdrive this month with the release of patches for at least 78 documented software vulnerabilities, some serious enough to expose corporate customers to remote code execution attacks. read more

...more

Software Supply Chain Weakness: Snyk Warns of 'Deliberate Sabotage' of NPM Ecosystem

Published: 2022-03-17 15:58:58

Popularity: 20

Author: Ryan Naraine

Keywords:

Security Architecture

Data Protection

Software supply chain security fears escalated again this week with the discovery of what’s being described as "deliberate sabotage" of code in the open-source npm package manager ecosystem. read more

...more

New Variant of Spectre Attack Bypasses Intel and Arm Hardware Mitigations

Published: 2022-03-10 11:55:14

Popularity: 18

Author: Eduard Kovacs

Keywords:

🤖: ""Spectre strikes again""

A team of researchers from the Vrije Universiteit Amsterdam in the Netherlands has demonstrated a new Spectre attack variant that can bypass hardware mitigations implemented in recent years by Intel and Arm. read more

...more

Project Zero Flags High-Risk Zoom Security Flaw

Published: 2021-11-29 19:03:13

Popularity: 23

Author: Ryan Naraine

Keywords:

Video conferencing software giant Zoom has shipped patches for a pair of security defects that expose Windows, macOS, Linux, iOS and Android users to malicious hacker attacks. read more

...more

GitHub Confirms Another Major NPM Security Defect

Published: 2021-11-16 16:39:16

Popularity: 15

Author: Ryan Naraine

Keywords:

Security Architecture

Microsoft-owned GitHub is again flagging major security problems in the npm registry, warning that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. read more

...more

Blacksmith: Rowhammer Fuzzer Bypasses Existing Protections

Published: 2021-11-16 20:07:55

Popularity: 4

Author: Ionut Arghire

Keywords:

🤖: "Hammer time crashes"

A group of security researchers devised a new attack that completely bypasses the existing mitigations against the Rowhammer vulnerability in dynamic random-access memory (DRAM) chips. read more

...more

Shrootless: macOS Vulnerability Found by Microsoft Allows Rootkit Installation

Published: 2021-10-29 13:28:08

Popularity: 9

Author: Ionut Arghire

Keywords:

🤖: "Rootkit alert!"

Microsoft on Thursday published information on a vulnerability in Apple’s macOS platform that could allow an attacker to bypass System Integrity Protection (SIP) and modify operating system files. read more

...more

Akamai to Acquire Guardicore in $600M Zero Trust Tech Deal

Published: 2021-09-29 17:03:38

Popularity: 5

Author: Ryan Naraine

Keywords:

Edge security and content delivery giant Akamai Technologies on Wednesday announced plans to spend $600 million to acquire Guardicore, an Israeli micro-segmentation technology startup. Akamai said the deal would add new capabilities to help customers thwart ransomware attacks by blocking the spread of malware within an already-compromised enterprise. read more

...more

Apple Confirms New Zero-Day Attacks on Older iPhones

Published: 2021-09-23 20:39:09

Popularity: 8

Author: Ryan Naraine

Keywords:

Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform. read more

...more

Google Warns of Exploited Zero-Days in Chrome Browser

Published: 2021-09-13 21:51:32

Popularity: 29

Author: Ryan Naraine

Keywords:

Security Architecture

Data Protection

White Papers

🤖: "Zero Day Alert"

Google has joined the list of major software providers scrambling to respond to zero-day exploits in the wild. read more

...more

Adobe Plugs Critical Photoshop Security Flaws

Published: 2021-08-17 23:14:52

Popularity: 12

Author: Ryan Naraine

Keywords:

🤖: "Photoshop fail"

Adobe has issued a warning for a pair of major security vulnerabilities affecting its popular Photoshop image manipulation software. The flaws, rated critical, expose both Windows and MacOS users to code execution attacks, Adobe said in an advisory released Tuesday. read more

...more

Adobe: Critical Flaws in Reader, Acrobat, Illustrator

Published: 2021-07-13 15:08:49

Popularity: 40

Author: Ryan Naraine

Keywords:

🤖: "Crashing software"

Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application. read more

...more

Researchers Find Exploitable Bugs in Mercedes-Benz Cars

Published: 2021-05-18 20:24:37

Popularity: 93

Author: Ionut Arghire

Keywords:

🤖: "car hack"

Following an eight-month audit of the code in the latest infotainment system in Mercedes-Benz cars, security researchers with Tencent Security Keen Lab identified five vulnerabilities, four of which could be exploited for remote code execution. read more

...more

North Korean .Gov Hackers Back With Fake Pen-Test Company

Published: 2021-03-31 20:57:11

Popularity: 78

Author: Ryan Naraine

Keywords:

A North Korean government-backed APT group has been caught using a fake pen-testing company and a range of sock puppet social media accounts in an escalation of a hacking campaign targeting security research professionals. read more

...more

Pwn2Own 2021: Hackers Offered $200,000 for Zoom, Microsoft Teams Exploits

Published: 2021-01-27 09:49:45

Popularity: 54

Author: Eduard Kovacs

Keywords:

Trend Micro’s Zero Day Initiative (ZDI) on Tuesday announced the targets, prizes and rules for the Pwn2Own Vancouver 2021 hacking competition, a hybrid event scheduled to take place on April 6-8. read more

...more

Report: TikTok Harvested MAC Addresses By Exploiting Android Loophole

Published: 2021-01-14 16:21:03

Popularity: 287

Author: SecurityWeek News

Keywords:

The ongoing controversies surrounding TikTok hit a new gear on Thursday with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google. read more

...more

Google Releases Tool to Block USB Keystroke Injection Attacks

Published: 2020-03-12 18:25:13

Popularity: 59

Author: Ionut Arghire

Keywords: