RSS ze světa hackingu


Warning — Unpatched Critical 'Wormable' Windows SMBv3 Flaw Disclosed

Shortly after releasing its monthly batch of security updates, Microsoft late yesterday separately issued an advisory warning billions of its Windows users of a new critical, unpatched, and wormable vulnerability affecting Server Message Block 3.0 (SMBv3) network communication protocol. It appears Microsoft originally planned to fix the flaw as part of its March 2020 Patch Tuesday update only,…

Datum: 11. 3. 2020

Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software—making March 2020 edition the biggest ever Patch Tuesday in the company's history. Of the 115 bugs spanning its various products — Microsoft Windows, Edge browser, Internet Explorer, Exchange Server, Office, Azure, Windows…

Datum: 11. 3. 2020

L1ght Looks to Protect Internet Users from Toxic and Predatory Behavior

Cybersecurity has been regarded as a necessity for all computer users, especially today when data breaches and malware attacks have become rampant. However, one of the more overlooked aspects of cybersecurity is the prevention of other forms of cybercrime, such as the spread of harmful content and predatory behavior. Most current discussions on cybersecurity revolve around organizations…

Datum: 11. 3. 2020

Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks

Remember rowhammer vulnerability? A critical issue affecting modern DRAM (dynamic random access memory) chips that could allow attackers to obtain higher kernel privileges on a targeted system by repeatedly accessing memory cells and induce bit flips. To mitigate Rowhammer vulnerability on the latest DDR4 DRAM, many memory chip manufacturers added some defenses under the umbrella term Target…

Datum: 10. 3. 2020

Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide

Microsoft today announced that it has successfully disrupted the botnet network of the Necurs malware, which has infected more than 9 million computers globally, and also hijacked the majority of its infrastructure. The latest botnet takedown was the result of a coordinated operation involving international police and private tech companies across 35 countries. The operation was conducted…

Datum: 10. 3. 2020

LVI Attacks: New Intel CPU Vulnerability Puts Data Centers At Risk

It appears there is no end in sight to the hardware level security vulnerabilities in Intel processors, as well as to the endless 'performance killing' patches that resolve them. Modern Intel CPUs have now been found vulnerable to a new attack that involves reversely exploiting Meltdown-type data leak vulnerabilities to bypass existing defenses, two separate teams of researchers told The…

Datum: 10. 3. 2020

Ex-CIA Accused of Leaking Secret Hacking Tools to WikiLeaks Gets Mistrial

A federal judge in New York on Monday declared a mistrial in the case of a former CIA software engineer who was accused of stealing a massive trove of the agency's classified hacking and tools and leaking it to WikiLeaks whistleblower website. While the jury was unable to reach a verdict on eight counts of the theft and transmission of CIA's confidential documents, it did find ex-CIA Joshua…

Datum: 9. 3. 2020

9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks

AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research. Known as "Take A Way," the new potential attack vectors leverage the L1 data (L1D) cache way predictor in AMD's Bulldozer microarchitecture to leak sensitive data from the processors and compromise the…

Datum: 9. 3. 2020

This Unpatchable Flaw Affects All Intel CPUs Released in Last 5 Years

All Intel processors released in the past 5 years contain an unpatchable vulnerability that could allow hackers to compromise almost every hardware-enabled security technology that are otherwise designed to shield sensitive data of users even when a system gets compromised. The vulnerability, tracked as CVE-2019-0090, resides in the hard-coded firmware running on the ROM ("read-only memory")…

Datum: 6. 3. 2020

Virgin Media Data Leak Exposes Details of 900,000 Customers

On the same day yesterday, when the US-based telecom giant T-Mobile admitted a data breach, the UK-based telecommunication provider Virgin Media announced that it has also suffered a data leak incident exposing the personal information of roughly 900,000 customers. What happened? Unlike the T-Mobile data breach that involved a sophisticated cyber attack, Virgin Media said the incident was…

Datum: 6. 3. 2020

Stránky: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247