Black Hat USA 2022 - Announcements Summary

Published: 2022-08-12 10:23:58

Popularity: 11

Author: Eduard Kovacs

Keywords:

Security Architecture

Data Protection

Security Infrastructure

Management & Strategy

Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas. read more

...more

Report: L3 Emerges as Suitor for Embattled NSO Group

Published: 2022-06-14 16:18:52

Popularity: 9

Author: Ryan Naraine

Keywords:

Fraud & Identity Theft

Tracking & Law Enforcement

🤖: "Spy game 😏"

L3 Technologies, a U.S. government contractor that sells aerospace and defense technology, has emerged as a suitor for Israeli exploit merchant NSO Group. read more

...more

Firmware Flaws Allow Disabling Secure Boot on Lenovo Laptops

Published: 2022-04-19 18:46:07

Popularity: 14

Author: Ionut Arghire

Keywords:

🤖: "Boot fail"

Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models. read more

...more

Adobe Patches Gaping Security Holes in Acrobat, Reader, Photoshop

Published: 2022-04-12 17:36:50

Popularity: 21

Author: Ryan Naraine

Keywords:

🤖: "security alert"

Adobe's security update engine revved into overdrive this month with the release of patches for at least 78 documented software vulnerabilities, some serious enough to expose corporate customers to remote code execution attacks. read more

...more

Software Supply Chain Weakness: Snyk Warns of 'Deliberate Sabotage' of NPM Ecosystem

Published: 2022-03-17 15:58:58

Popularity: 20

Author: Ryan Naraine

Keywords:

Security Architecture

Vulnerabilities

Data Protection

Software supply chain security fears escalated again this week with the discovery of what’s being described as "deliberate sabotage" of code in the open-source npm package manager ecosystem. read more

...more

Project Zero Flags High-Risk Zoom Security Flaw

Published: 2021-11-29 19:03:13

Popularity: 23

Author: Ryan Naraine

Keywords:

Video conferencing software giant Zoom has shipped patches for a pair of security defects that expose Windows, macOS, Linux, iOS and Android users to malicious hacker attacks. read more

...more

Blacksmith: Rowhammer Fuzzer Bypasses Existing Protections

Published: 2021-11-16 20:07:55

Popularity: 4

Author: Ionut Arghire

Keywords:

Fraud & Identity Theft

🤖: "Hammer time crashes"

A group of security researchers devised a new attack that completely bypasses the existing mitigations against the Rowhammer vulnerability in dynamic random-access memory (DRAM) chips. read more

...more

Yubico Enables Biometric Logins With New YubiKey Bio Series

Published: 2021-10-06 14:14:31

Popularity: 8

Author: Ionut Arghire

Keywords:

NEWS & INDUSTRY

Identity & Access

Yubico this week announced the general availability of YubiKey Bio Series, its first security key to support biometric authentication on desktop computers. read more

...more

Akamai to Acquire Guardicore in $600M Zero Trust Tech Deal

Published: 2021-09-29 17:03:38

Popularity: 5

Author: Ryan Naraine

Keywords:

Fraud & Identity Theft

Edge security and content delivery giant Akamai Technologies on Wednesday announced plans to spend $600 million to acquire Guardicore, an Israeli micro-segmentation technology startup. Akamai said the deal would add new capabilities to help customers thwart ransomware attacks by blocking the spread of malware within an already-compromised enterprise. read more

...more

Apple Confirms New Zero-Day Attacks on Older iPhones

Published: 2021-09-23 20:39:09

Popularity: 8

Author: Ryan Naraine

Keywords:

Tracking & Law Enforcement

Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform. read more

...more

Google Warns of Exploited Zero-Days in Chrome Browser

Published: 2021-09-13 21:51:32

Popularity: 29

Author: Ryan Naraine

Keywords:

Fraud & Identity Theft

Security Architecture

Vulnerabilities

Data Protection

White Papers

🤖: "Zero Day Alert"

Google has joined the list of major software providers scrambling to respond to zero-day exploits in the wild. read more

...more

Adobe: Critical Flaws in Reader, Acrobat, Illustrator

Published: 2021-07-13 15:08:49

Popularity: 40

Author: Ryan Naraine

Keywords:

Fraud & Identity Theft

🤖: "Crashing software"

Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application. read more

...more

Researchers Find Exploitable Bugs in Mercedes-Benz Cars

Published: 2021-05-18 20:24:37

Popularity: 93

Author: Ionut Arghire

Keywords:

Tracking & Law Enforcement

🤖: "car hack"

Following an eight-month audit of the code in the latest infotainment system in Mercedes-Benz cars, security researchers with Tencent Security Keen Lab identified five vulnerabilities, four of which could be exploited for remote code execution. read more

...more

Google Releases Tool to Block USB Keystroke Injection Attacks

Published: 2020-03-12 18:25:13

Popularity: 59

Author: Ionut Arghire

Keywords:

Endpoint Security

NEWS & INDUSTRY

Identity & Access

Google has released a new software tool designed to identify potential USB keystroke injection attacks and block devices they originate from. read more

...more

Vulnerability Patched in Firefox Password Manager

Published: 2019-08-15 18:04:13

Popularity: 38

Author: Eduard Kovacs

Keywords:

NEWS & INDUSTRY

Identity & Access

Vulnerabilities

🤖: "Browser blues"

The latest update released by Mozilla for Firefox patches a vulnerability that can be exploited to bypass the master password of the built-in password manager and obtain stored passwords. read more

...more

Threat Actor Poisons OpenPGP Certificates

Published: 2019-07-01 15:30:03

Popularity: 29

Author: Ionut Arghire

Keywords:

🤖: "Crypto chaos"

Poisoned certificates are in the OpenPGP SKS keyserver network after an unknown threat actor targeted the OpenPGP certificates of two high-profile community contributors. read more

...more