Collaborate Disseminate
Why is SandboxEscaper releasing vulnerabilities in such an irresponsible way? It matters not – Microsoft must patch what’s in front of it whatever the backstory. Continue reading Microsoft’s battle with SandboxEscaper zero days turns into grim Groundhog Day
A trader believes he could easily have obtained admin access to the site and potentially have stolen the funds of its 600,000 users. Continue reading Trading site DX.Exchange spills gobs of user data
The flaw offered attackers a way of executing keystroke injection to take control of a Windows PC running Logitech Options. Continue reading Logitech flaw fixed after Project Zero disclosure
A security researcher has published a zero-day flaw in a commonly-used virtual machine management system without notifying the vendor, justifying it with a scathing critique of the infosecurity industry. Continue reading Ranting researcher publishes VM-busting zero-day without warning
Six routers with serious security flaws are considered end of life (EOL) and may never be updated. Continue reading Serious D-Link router security flaws may never be patched
Yubico has been drawn into a rare public spat over how the discovery of a security flaw affecting it products was credited. Continue reading Researchers claim Chrome bug bounty paid to the wrong people
Semiconductor giant AMD said today that attackers wouldn’t likely abuse the vulnerabilities recently found in its products: they would need administrative access, and that kind of access would allow for far more effective attacks than the exploit… Continue reading AMD downplays CPU flaw discovery, says hackers would need admin rights anyway
AMD has finally acknowledged 13 critical vulnerabilities, and exploitable backdoors in its Ryzen and EPYC processors disclosed earlier this month by Israel-based CTS Labs and promised to roll out firmware patches for millions of affected devices ‘in th… Continue reading AMD Acknowledges Newly Disclosed Flaws In Its Processors — Patches Coming Soon
Some major anti-virus software vendors were forced to reconfigure their programs after Microsoft rolled out a patch that changed their products’ processing architecture, industry experts tell CyberScoop. In response to the “Spectre” and “Meltdown” vulnerabilities, which affect nearly every microchip created since 1995, Microsoft immediately offered a software patch that would prevent attackers from targeting these flaws. Microsoft and Amazon — much like the microchip makers — have known about the two vulnerabilities for months but have been under a strict embargo. During this timeframe, Microsoft worked on creating an adequate software update that could remediate the problems. However, due to the embargo, many cybersecurity companies were left in the dark; entirely unaware that either Microsoft or the microchip industry was dealing with the issue. This lapse in coordination is currently causing major headaches for security companies. Microsoft’s emergency update causes the operating system to change how it processes data at the kernel level. Processes […]
The post Microsoft’s chip patch is messing with anti-virus products appeared first on Cyberscoop.
Continue reading Microsoft’s chip patch is messing with anti-virus products
Believe it or not, there are quite a few people out there who have purchased gun safes that can be remotely unlocked by Bluetooth. Now we can understand why somebody might think this was a good idea: the convenience of being able to hit a button on your phone and have your weapon available in the heat of the moment is arguably a big selling point for people who are purchasing something like this for home defense. But those with a more technical mind will likely wonder if the inherent risks of having your firearm (or other valuables) protected by …read more
