Collaborate Disseminate
A vulnerability dubbed PKfail can allow attackers to run malicious code during the boot process, which can be used to deliver UEFI bootkits.
The post PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models appeared first on Secur… Continue reading PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models
CrowdStrike says 97% of Windows systems impacted by its bad update are back online, just as an insurer predicts billions in losses for major companies.
The post 97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses ap… Continue reading 97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses
Nvidia has patched high-severity vulnerabilities in its Jetson, Mellanox OS, OnyX, Skyway, and MetroX products.
The post Nvidia Patches High-Severity Vulnerabilities in AI, Networking Products appeared first on SecurityWeek.
Continue reading Nvidia Patches High-Severity Vulnerabilities in AI, Networking Products
Siemens has released out-of-band updates to patch two potentially serious vulnerabilities in products used in energy supply.
The post Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment appeared first on SecurityWeek.
Continue reading Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment
Vanta has raised $150 million in a Series C funding round and it plans on using the money to fuel expansion and AI innovation.
The post Vanta Raises $150 Million at $2.45 Billion Valuation appeared first on SecurityWeek.
Continue reading Vanta Raises $150 Million at $2.45 Billion Valuation
CrowdStrike has shared a preliminary incident review, explaining why the update that caused global chaos was not caught by testing.
The post CrowdStrike Explains Why Bad Update Was Not Properly Tested appeared first on SecurityWeek.
Continue reading CrowdStrike Explains Why Bad Update Was Not Properly Tested
CrowdStrike tested a new technique to speed up the remediation of systems impacted by the recent bad update.
The post CrowdStrike Speeding Up Remediation of Systems Hit by Blue Screen of Death appeared first on SecurityWeek.
Continue reading CrowdStrike Speeding Up Remediation of Systems Hit by Blue Screen of Death
The FrostyGoop ICS malware was used recently in an attack against a Ukrainian energy firm that resulted in loss of heating for many buildings.
The post FrostyGoop ICS Malware Left Ukrainian City’s Residents Without Heating appeared first on Secur… Continue reading FrostyGoop ICS Malware Left Ukrainian City’s Residents Without Heating
Cloud security giant Wiz will stick to its original plan and pursue an IPO, walking away from a $23 billion deal with Google.
The post Wiz to Pursue IPO as It Walks Away From $23 Billion Google Deal appeared first on SecurityWeek.
Continue reading Wiz to Pursue IPO as It Walks Away From $23 Billion Google Deal
Safety equipment product maker Cadre Holdings was hit by a cyberattack that has impacted some of the company’s operations.
The post Safety Equipment Giant Cadre Holdings Hit by Cyberattack appeared first on SecurityWeek.
Continue reading Safety Equipment Giant Cadre Holdings Hit by Cyberattack