Intel has done some mitigations for these vulnerabilities that can leak secrets from virtual machines, secure enclaves and kernel memory. Here's how the attacks work.
Lucian Constantin |
15 May |
Read more
By replacing a PC's SPI flash chip with one that contains rogue code, an attacker can can gain full, persistent access.
Lucian Constantin |
11 May |
Read more
A recently released exploit takes advantage of a known configuration vulnerability that persists among many on-premise and cloud SAP instances.
Lucian Constantin |
04 May |
Read more
Detected scans suggest attacker are seeking vulnerable servers to target for attacks.
Lucian Constantin |
27 Apr |
Read more
If your company uses Confluence, make sure you have the latest available patches for this vulnerability.
Lucian Constantin |
25 Apr |
Read more
The attackers stayed undetected on the victim's network for more than a year and sought out operational technology networks.
Lucian Constantin |
11 Apr |
Read more
Web-based card skimmers are becoming harder to detect and remove thanks to evolving techniques.
Lucian Constantin |
22 Mar |
Read more
A group of hackers is using a previously undocumented backdoor program designed to interact with attackers over Slack.
Lucian Constantin |
12 Mar |
Read more
New Verizon report shows a big gap between organisations' mobile security risk concerns and mobile security best practices they implement.
Lucian Constantin |
06 Mar |
Read more
The decade-old Qbot financial malware has resurfaced with an improved version in a new attack that has infected thousands of systems so far.
Lucian Constantin |
02 Mar |
Read more
If you are running an older version of Elasticsearch, make sure you've patched its known vulnerabilities or consider upgrading.
Lucian Constantin |
01 Mar |
Read more
Experts downplay discovery of a vulnerability that can expose passwords in a computer's memory. Hackers likely to take easier paths to stealing passwords.
Lucian Constantin |
28 Feb |
Read more
WootCloud researchers discover an internet of things botnet based on Mirai that exploits Polycom video conferencing systems. Polycom has issued an advisory and best practices for mitigating the risk.
Lucian Constantin |
21 Feb |
Read more
Microsoft has removed eight applications from its app store for Windows that were mining Monero crypto-currency without users' knowledge.
Lucian Constantin |
18 Feb |
Read more
New report from Risk Based Security shows a downward trend in number breaches and exposed records, Unclear if privacy regulations like GDPR are having an effect.
Lucian Constantin |
16 Feb |
Read more