Computer users have been searching “Are Bengal cats legal in Australia?” after falling victim to an unusual cyber attack, the New York Post reported. Cybersecurity… Article Source https://www.ndtv.com/world-news/typing-these-6-words-on-google-could-leave-you-vulnerable-to-hackers-6993905
Jack Wallen/ZDNET If you follow the Android Security Bulletin, then you might have noticed a listing for the November security patch level that includes two critical vulnerabilities, which are: CVE-2024-43047 CVE-2024-43093 According to the… Article Source https://www.zdnet.com/article/your-android-device-is-vulnerable-to-attack-and-googles-fix-is-imminent/
SecurityWeek reports that over 20,000 internet-exposed VMware ESXi hypervisors continue to be impacted by the actively exploited medium-severity authentication bypass vulnerability, tracked as CVE-2024-37085, by the end of July, one week after… Source link
Cisco recently disclosed that dozens of its networking and communications devices are likely vulnerable to a SSH vulnerability that could allow remote code execution. The company confirmed that 42 products are affected, including those in network management, security, routing and switching, unified computing, voice, video streaming, and wireless. Additionally, 51 products in the same lines … Read more
Five years after the Spectre and Meltdown CPU attacks, researchers have discovered a new variant called Indirector that exploits low-level features of Intel CPUs to break security boundaries and leak protected data. This technique, developed by researchers at the University of California, San Diego, targets the indirect branch predictor (IBP) and branch target buffer (BTB) … Read more
In recent cybersecurity news, a senator has been putting pressure on the Cybersecurity and Infrastructure Security Agency (CISA) to step up their efforts in protecting critical infrastructure. The senator’s actions come as a response to growing concerns over cyber threats to essential services and systems. Meanwhile, a new cyber threat has emerged in the form … Read more
Researchers at UCSD have identified a new method to conduct Spectre-like side-channel attacks on high-end Intel CPUs, such as Raptor Lake and Alder Lake processors. This technique, called Director, leverages speculative execution features in Intel CPUs to manipulate a program’s control flow and potentially leak sensitive data. The attack was tested on various Intel CPUs, … Read more
Cisco recently addressed a critical zero-day vulnerability in its NX-OS software that was exploited in April attacks by the Chinese state-sponsored threat actor known as Velvet Ant. The vulnerability, tracked as CVE-2024-20399, allowed attackers with valid administrator credentials to execute arbitrary commands on affected devices. Velvet Ant used this flaw to install custom malware on … Read more
Researchers at the University of California have uncovered a new security vulnerability in modern Intel processors, specifically targeting the Raptor Lake and Alder Lake generations. This vulnerability, known as “Indirector,” exploits the Indirect Branch Predictor (IBP) component to carry out precise branch target injection attacks, bypassing existing defenses and potentially compromising a large number of … Read more
A new vulnerability has been discovered in the UEFI firmware that poses a security threat to various Intel chip families, similar to past exploits like BlackLotus. Security workshop Eclypsium has disclosed the CVE-2024-0762 vulnerability to Phoenix Technologies, whose UEFI firmware is affected. This firmware is used in a wide range of Windows laptops, tablets, desktops, … Read more