Deploying low-level malware implants Once an attacker manages to execute malicious code inside the SMM they could potentially inject a persistent malware implant inside the UEFI, but this depends on the platform’s configuration, as UEFI can have additional protections such as AMD’s ROM Armor, which controls access to the SPI flash memory where UEFI is…
Read More
Aug 09, 2024Ravie LakshmananCloud Security / Data Protection Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences. “The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might provide powerful administrative access), manipulation of AI modules, exposing…
Read More
The infosecurity world came together in Las Vegas this week for Black Hat USA 2024, offering presentations and product announcements that will give CISOs plenty to consider. Here are the top takeaways CISOs should keep in mind when adapting their cybersecurity strategies going forward. [For more Black Hat USA coverage, see “Black Hat: Latest news…
Read MoreFriday Squid Blogging: SQUID Is a New Computational Tool for Analyzing Genomic AI Yet another SQUID acronym: SQUID, short for Surrogate Quantitative Interpretability for Deepnets, is a computational tool created by Cold Spring Harbor Laboratory (CSHL) scientists. It’s designed to help interpret how AI models analyze the genome. Compared with other analysis tools, SQUID is…
Read More
Russia’s telecommunications watchdog Roskomnadzor has restricted access to the Signal encrypted messaging service for what it describes as violations of Russian anti-terrorism and anti-extremism legislation. “User access to the messenger Signal is restricted due to violations of the requirements of the Russian legislation whose fulfillment is necessary to prevent the use of the messenger for…
Read More
Aug 09, 2024Ravie LakshmananVulnerability / Network Security Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE). “This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise,…
Read More
CSC ServiceWorks, a leading provider of commercial laundry services and air vending solutions, has disclosed a data breach after the personal information of an undisclosed number of individuals was exposed in a 2023 cyberattack. The company discovered the incident on February 4, 2024, after detecting unusual activity on its network. Subsequently, external cybersecurity experts hired…
Read More
Thousands of Cisco employees will be affected by a new layoff round, which could be announced next week, according to a Reuters report. Cisco will reportedly lay off around 4,000 employees in its second round of job cuts this year as the world’s largest networking company doubles down on artificial intelligence. According to a report…
Read More
AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable. Ring -2 is one of the highest privilege levels on a computer, running…
Read More
Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. Tracked as CVE-2024-38200, this security flaw is caused by an information disclosure weakness that enables unauthorized actors to access protected information such as system status or configuration data, personal info, or connection metadata. The zero-day impacts…
Read More