Yesterday, we reported on a data breach at Shields Health Care Group that resulted in the theft of personal information belong to 2 million Americans. Oftentimes, data stolen in breaches like this end up on online forums or marketplaces where cybercriminals buy and sell these ill-gotten gains. Lately, US law... Read more...
On April 1st, security researchers discovered a new Android-based spyware contacting infrastructure owned by a Russian-based threat group called Turla. Once installed, this malware can lurk on a device, collecting information and audio recordings while making money for Turla in a rather peculiar way. The malware... Read more...
Two days ago, we reported that the London police arrested seven individuals between the ages of 16 and 21 years old in connection with an investigation into notorious hacking group LAPSUS$. While it is unclear if the police nabbed the group's ringleader in the arrests, it is clear that the operational security (or... Read more...
Intel today has extended its vPro platform into its 12th Gen mobile and desktop CPU lineup based on Alder Lake, and with the expansion comes some new features and additional segmentation for different size businesses and enterprise clients. As it pertains to the latter, Intel added a couple of new tiers, including... Read more...
When folks talk about major security flaws like the Log4shell exploit in Log4j, or the Eternal Silence UPnP exploit, everyone tends to panic until they're resolved. That's because those bugs are remotely exploitable, meaning that they can be used to attack a system over the internet without placing the attacker in... Read more...
Intel has published its 2021 Product Security Report and in it the company suggests its processors are far less buggy than AMD's chips. The key section is on page 28 where Intel highlights having reported 16 CPU vulnerabilities last year, whereas AMD reported 31 CPU vulnerabilities in the same time period. What can we... Read more...
If you fancy yourself an elite hacker, there could be an Intel event in your future. The chip maker announced it is expanding its bug bounty program with Project Circuit Breaker, which will provide capable hackers with opportunities to win prizes and swag by hunting for bugs in firmware, hypervisors, GPUs, chipsets... Read more...
While you may be trying to buy a Vebjörn desk or snag a deal on a Yttervåg, IKEA is trying to quell an ongoing cyberattack within its infrastructure. On Friday, it was discovered that cybercriminals were targeting IKEA employees with internal phishing attacks, using stolen reply-chain emails. Reply-chain email... Read more...
Nearly eight and a half years ago, Intel launched its 4th Generation Intel Core Processors, codenamed Haswell. In that time, researchers have discovered a number of security vulnerabilities that can typically be addressed via software and firmware updates. Unfortunately, Intel must ad one more to the list that... Read more...
If you were a threat actor, what better way to get a payload onto someone’s device than through a program that nearly everyone has installed like Google Chrome? Unfortunately, this appears to be what is happening with the Infostealer malware, masquerading as a legitimate update to the popular web browser from Google... Read more...
Earlier this year, one of the largest insurance providers in the U.S. was hit by a ransomware attack that managed to cripple its network and exfiltrate data. According to people familiar with the situation, CNA Financial Corp. out of Chicago, Illinois, paid $40 million to wrest control of its network back in... Read more...
Cyber-attacks have seemingly ramped-up in the last few weeks, like the Colonial Pipeline ransomware incident that netted a cool $5 million for the criminal attackers. Now, cyber-thugs have crippled the Irish Health Service Executive's (HSE) computer systems in what could be "the most significant cybercrime attack on... Read more...
At the start of May, researchers at the University of Virginia announced that current Spectre chip vulnerability mitigations could be bypassed entirely, bringing the ghostly security flaw back to life. Intel has now officially responded by claiming that software coded following its specific security guidance protects... Read more...
Today, Intel signed an agreement with the Defense Advanced Research Projects Agency (DARPA) to "perform in its Data Protection in Virtual Environments (DPRIVE) program." This means that the company will now be working on fully homomorphic encryption, dubbed the "holy grail" of cybersecurity or "the final frontier' in... Read more...
We are two days removed from this month's Patch Tuesday update, and if you are experiencing the odd blue screen of death (BSOD) error, applying the latest cumulative update could be the cure. Among the things it addresses, this month's Patch Tuesday update includes a fix for a weird bug that hackers could exploit to... Read more...
Over the years, lawmakers and law enforcement worldwide have been pushing for backdoors and to eliminate end-to-end encryption in devices. According to security and cryptographic research, however, law enforcement and governments can already access locked smartphones through various tools and tricks. This is mainly... Read more...
Suppose you want to block ads or find a deal on a product; thus a browser extension could come in handy. Just a simple download from the browser’s extension store, and you are ready to rock holiday deals without popups. The only catch is, just like any software you download, it can contain malicious code. In fact... Read more...
In the early days of the COVID-19 pandemic, IBM created a global security task force, called X-Force, dedicated to threat intelligence and analysis for organizations that are part of the vaccine supply chain. The work the task force has put forth has apparently yielded success as the group just announced that it... Read more...
App makers are going to have to rethink things when iOS 14 arrives, because the next version of Apple's mobile operating system has a privacy feature that likes to tattle on certain behaviors. We have seen this a few times already, with the iOS 14 beta—notably, the beta revealed TikTok and a few other apps were... Read more...
UPDATE 3/9/20 - 2:17 PM ET: Based on some of the comments, we felt it would be important to provide an update clarifying that Intel also funds chip security research on a broad scale, including on its own processors. Gruss and his team did the right thing being transparent about the funding. At the same time, it... Read more...
Imagine hitting it off with a love (or lust) interest, and then finding out the person who grabbed your attention never existed, at least not in the way you thought. Such a situation recently happened to hundreds of Israeli soldiers who fell prey to a "honey trap" campaign and contracted digital infections on their... Read more...
Mozilla is pushing out an incremental update to its Firefox browser to mitigate a critical security vulnerability. If left unpatched, the zero day threat could allow an attacker to gain full control of PC. Indeed, Mozilla is aware of malicious actors leveraging the flaw in the wild, so if you use Firefox, it is in... Read more...
1 2 3 4 Next