The ArcaneDoor campaign is an example of state-sponsored actors targeting perimeter network devices from various vendors, focusing on espionage. These devices serve as a critical entry point into networks and need regular patching, updated hardware, and close monitoring for security. Identified as UAT4356 by Cisco’s Talos team, the actor utilized backdoors called “Line Runner” and … Read more
Cybersecurity firm Eclypsium has uncovered significant security vulnerabilities in the Phoenix SecureCore UEFI firmware used by various Intel CPU and motherboard vendors across different generations. These vulnerabilities, dubbed “UEFIcanhazbufferoverflow,” are due to an insecure call to the UEFI service “GetVariable,” which could lead to a stack buffer overflow and allow malicious code execution. This kind … Read more
Intel’s high-end desktop CPUs, particularly the Core i9 and Core i7 processors in the 13th and 14th generation families, have been experiencing stability issues during certain games and applications. The root cause of these crashes has not been identified by Intel, but they are actively working on it. A recent report from Igor’s laboratory claimed … Read more
Two vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway, previously known as Citrix ADC and Citrix Gateway, impacting six supported versions. The first vulnerability, CVE-2023-6548, requires access to NSIP, CLIP, or SNIP with access to the management interface, allowing threat actors to authenticate remote code execution on the device. The severity of this … Read more
Millions of Google Chrome users are being urged to update their browsers immediately after a dangerous “high-level” vulnerability was discovered by researchers. The vulnerability, known as CVE-2024-5274, is a type confusion bug in the V8 JavaScript and WebAssembly engine. Google’s Threat Analysis team and Chrome Security flagged the issue on May 20, revealing that it … Read more
Former British Marine accused of espionage for Hong Kong’s intelligence service, Matthew Trickett, was found dead in a park in Virginity, a town west of London. Trickett, along with two other men, was charged under the British National Security Act for aiding the Hong Kong Intelligence Service. Tensions between London and Beijing have been rising … Read more
Microsoft has announced new computers with artificial intelligence capabilities built directly into its Windows operating system. The goal is to create computers that can better understand human users, rather than the other way around. These advanced AI tools are designed to boost PC sales and reinvigorate interest in the stagnant market. The new Copilot+ PCs … Read more
VMware has released security updates addressing vulnerabilities in its Workstation and Fusion products. These vulnerabilities include a use-after-free issue in the Bluetooth device, a heap buffer overflow in shader functionality, an information disclosure flaw in Bluetooth, and a similar flaw in Host Guest File Sharing (HGFS). Users are advised to update to Workstation versions 17.5.2 … Read more