Category Archives: Endpoint Security

Chipmaker Patch Tuesday: AMD and Intel Patch Over 100 Vulnerabilities

Posted on by

AMD and Intel patch dozens of vulnerabilities on February 2024 Patch Tuesday, including multiple high-severity bugs.
The post Chipmaker Patch Tuesday: AMD and Intel Patch Over 100 Vulnerabilities appeared first on SecurityWeek.
Continue reading Chipmaker Patch Tuesday: AMD and Intel Patch Over 100 Vulnerabilities

ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature

Posted on by

ESET has patched CVE-2023-5594, a high-severity vulnerability that can cause a browser to trust websites that should not be trusted.
The post ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature appeared first on SecurityWeek.
Continue reading ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature

“Pool Party” process injection techniques evade EDRs

Posted on by

SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool Party” because they (ab)use Windows thread pools, these process injection tec… Continue reading “Pool Party” process injection techniques evade EDRs

New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions

Posted on by

Pool Party is a new set of eight Windows process injection techniques that evade endpoint detection and response solutions.
The post New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions appeared first on SecurityWeek.
Continue reading New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions

Future Intel, AMD and Arm CPUs Vulnerable to New ‘SLAM’ Attack: Researchers

Posted on by

Security features that major CPU vendors plan on integrating into their future products can increase the surface for certain types of attacks.
The post Future Intel, AMD and Arm CPUs Vulnerable to New ‘SLAM’ Attack: Researchers appeared fir… Continue reading Future Intel, AMD and Arm CPUs Vulnerable to New ‘SLAM’ Attack: Researchers

Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images

Posted on by

LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images.
The post Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images appeared first on SecurityWeek.
Continue reading Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images

Apple Patches WebKit Flaws Exploited on Older iPhones

Posted on by

Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1.
The post Apple Patches WebKit Flaws Exploited on Older iPhones appeared first on SecurityWeek.
Continue reading Apple Patches WebKit Flaws Exploited on Older iPhones

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass

Posted on by

Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass.
The post Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass appeared first on Secur… Continue reading Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass