Month: August 2024
Surveillance Watch This is a fantastic project mapping the global surveillance industry. Tags: privacy, surveillance Posted on August 22, 2024 at 9:15 PM • 0 Comments Sidebar photo of Bruce Schneier by Joe MacInnis. Source link lol
Read MoreThe Qilin ransomware group has been using a new tactic and deploys a custom stealer to steal account credentials stored in Google Chrome browser. The credential-harvesting techniques has been observed by the Sophos X-Ops team during incident response engagements and marks an alarming change on the ransomware scene. Attack overview The attack that Sophos researchers analyzed…
Read MoreCircana’s Mike Crosby sees several reasons for optimism when it comes to B2B spending now through the end of 2026. Below is a transcript of the above video. Jennifer Follett, vice president of U.S. content and executive editor, CRN: I am here with Mike Crosby of Circana. Mike, thank you so much for joining me.…
Read More“‘Elemental’ was their most ambitious film to date, where each character was its own volume. It had ridiculous amounts of geometry to render each character,’” says AMD executive James Knight. “Previous to AMD and Supermicro getting together, they couldn’t have done it.” Pixar’s visually ambitious “Elemental” film required more than 150,000 EPYC CPU cores from…
Read MoreAug 22, 2024Ravie LakshmananVulnerability / Network Security SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. “The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated…
Read MoreAug 22, 2024Ravie LakshmananHardware Security / Supply Chain Attack Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors. The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Classic that was…
Read MoreMicrosoft has confirmed and fixed a known issue causing performance issues, boot problems, and freezes on Windows Server 2019 systems after installing the August 2024 security updates. The company acknowledged the issue following widespread reports from Windows admins saying that servers on their environments were experiencing performance issues and massive lags, becoming unusable after installing…
Read MoreA new Android malware named NGate can steal money from payment cards by relaying to an attacker’s device the data read by the near-field communication (NFC) chip. Specifically, NGate enables attackers to emulate victims’ cards and make unauthorized payments or withdrawal cash from ATMs.. The campaign has been active since November 2023 and is linked to a recent…
Read MoreMicrosoft has confirmed the August 2024 Windows security updates are causing Linux booting issues on dual-boot systems with Secure Boot enabled. The issue is caused by a Secure Boot Advanced Targeting (SBAT) update applied to block Linux boot loaders unpatched against the CVE-2022-2601 GRUB2 Secure Boot bypass vulnerability. “Resulting from this issue, your device might fail…
Read MoreAug 22, 2024Ravie LakshmananNetwork Security / Zero-Day Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399…
Read MoreRecent Posts
- Critical Patches Issued for Microsoft Products, November 12, 2024
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
- Multiple Vulnerabilities in Citrix Products Could Allow for Remote Code Execution
- Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Remote Code Execution