Intel Plugs 29 Holes in CPUs, Bluetooth, Security
The higher-rated advisories focus on privilege-escalation bugs in CPU firmware: Tough to patch, hard to exploit, tempting to a savvy attacker. [...]
The higher-rated advisories focus on privilege-escalation bugs in CPU firmware: Tough to patch, hard to exploit, tempting to a savvy attacker. [...]
Researchers discovered a highly targeted malware campaign launched in April, in which a new, unknown threat actor used two of the vulnerabilities that Microsoft said are under active attack. [...]
The FBI and Australian law enforcement set up the encrypted chat service and ran it for over 3 years, seizing weapons, drugs and over $48m in cash. [...]
The tables have been turned, the FBI & DOJ said after announcing the use of blockchain technology to track down the contents of DarkSide's cryptocurrency wallet. [...]
“Siloscape”, the first malware to target Windows containers, breaks out of Kubernetes clusters to plant backdoors and raid nodes for credentials. [...]
The crooks pay top dollar for Google search results for the popular AnyDesk, Dropbox & Telegram apps that lead to a malicious, infostealer-packed website. [...]
Responsible nations don't harbor cybercrooks, the Biden administration admonished Russia, home to the gang that reportedly froze the global food distributor's systems. [...]
On June 8, Amazon’s pulling all its devices into a device-to-device wireless mix, inspiring FUD along the way. Now's the time to opt out if you're be-FUDdled. [...]
Some criminals package exploits into bundles to sell on cybercriminal forums years after they were zero days, while others say bounties aren't enough. [...]
The bug in HPE SIM makes it easy as pie for attackers to remotely trigger code, no user interaction necessary. [...]
The website for “BravoMovies” features fake movie posters and a FAQ with a rigged Excel spreadsheet for “cancelling” the service, but all it downloads is malware. [...]
One of the workaround XML files automatically deactivates protection from an earlier workaround: a potential path to older vulnerabilities being opened again. [...]
On Wednesday, Google quietly slipped updates into its May 3 Android security bulletin for bugs that its Project Zero group has confirmed are zero-days. [...]
Work's being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats. [...]
The exploit pries open CVE-2021-31166, a bug with a CVSS score of 9.8 that was the baddest of the bad in Microsoft's Patch Tuesday release last week. [...]
You can’t possibly patch all CVEs, so focus on the exploits crooks are willing to pay for, as tracked in a study of the underground exploit market. [...]
The criminal forum washed its hands of ransomware after DarkSide's pipeline attack & alleged shutdown: A "loss of servers" that didn't stop another attack. [...]
The RaaS that crippled Colonial Pipeline lost the servers it uses to pull off ransomware attacks, while REvil’s gonads shrank in response. [...]
The DBIR – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers. [...]
FBI/CISA warn about the RaaS network behind the Colonial hack, Colonial restarts operations, and researchers details groups that rent the ransomware. [...]
Wi-Fi devices going back to 1997 are vulnerable to attackers who can steal your data if they're in range. [...]
GitHub adds support for FIDO2 security keys for Git over SSH to fend off account hijacking and further its plan to stick a fork in the security bane of passwords. [...]
Security researchers mull possible perpetrators of the attack, and warned that the incident could be a harbinger of things to come. [...]
U.S. intelligence said that the Chaos iPhone remote takeover exploit was used against the minority ethnic group before Apple could patch the problem. [...]
The student opted for “free” software packed with a keylogger that grabbed credentials later used by "Totoro" to get into a biomolecular institute. [...]