Search Results For: cvss

Research conducted by a team at the firmware security firm Binarly reveals that six vulnerabilities remain unpatched in various enterprise-grade HP laptops and desktops despite HP having developed patches for these vulnerabilities. Binarly discovered three of these vulnerabilities last year and notified HP of their... Read more...
Cybersecurity researchers from Palo Alto Networks Unit 42 have discovered a campaign exploiting multiple vulnerabilities in D-Link routers to spread botnet malware. A botnet is a network of compromised consumer or enterprise devices controlled by a threat actor to carry out malicious tasks, such as mining... Read more...
Unlike driver updates, BIOS releases typically arrive far less oftenusually when vendors add support for new CPUs, but also occasionally to improve stability and performance, or to address security vulnerabilities. Regarding the latter, HP is pushing out firmware updates for over 200 laptops and desktops to patch a... Read more...
We're roughly half way into April and you know what that meansit's time to patch Windows with this month's Patch Tuesday update (KB5012599 for Windows 10 and KB5012592 for Windows 11), which is doled out on the second Tuesday of every month. This particular one happens to be cram-packed with fixes for over 100... Read more...
A team from Binarly, a firmware protection company, recently discovered several repeatable anomalies on twenty different enterprise machines in the course of a job for a midsize enterprise company. After looking further into these anomalies and digging all the way down into the disassembly code, the team found 23... Read more...
If you own a Western Digital My Book Live, unplug it from the internet as soon as possible. WD has reported that people have been waking up to find their My Book Live devices completed wiped of installed data due to malicious software performing a factory reset. On June 23rd, WD Community Forum user sunpeak made a... Read more...
Security researchers have sounded the alarm on four BIOS vulnerabilities affecting 129 different Dell models, including various laptop and desktop systems, as well as some tablets. In total, it is estimated that around 30 million Dell systems are susceptible to the vulnerabilities and should be patched right away... Read more...
Yesterday was Microsofts routine Patch Tuesday release, which tackled quite a few vulnerabilities, 55 to be exact. Though this may seem like a lot, it is actually the smallest update from the company since 2020, but it does take care of some big problems. This includes a rather worrisome wormable HTTP protocol-stack... Read more...
Dell is one of the most popular PC brands globally, selling millions of laptops, desktops, and server systems to everyday consumers and businesses alike each year. However, SentinelLabs researchers warned this week that five critical security flaws have been lurking in its firmware update driver since the early days... Read more...
In January, Google warned security researchers about sneaky social engineering and hacking attempts coming from North Korea. Originally, the Google Threat Analysis Group (TAG), and other researchers found that the North Korean hackers blog compromised anyone who visited the website. Now, Microsoft has patched the... Read more...
While vulnerabilities crop up regularly, people need to be on the lookout, and developers need to patch their programs for everyones benefit. When a developer neglects this responsibility, people and information are left at risk. Back in August, a vulnerability that allowed a local attack and code execution on an... Read more...
A new Bluetooth security vulnerability has appeared, and this time Linux is under the gun. Andy Nguyen, an information security researcher, discovered the vulnerabilities. They are collectively known as BleedingTooth, which allows for zero-click remote code execution on Linux devices within Bluetooth range. The code... Read more...
There is a very good reason why the Department of Homeland Security recently issued an emergency directive to federal agencies to patch their Windows Servers against Zerologon. Just five days after the directive, Microsoft confirmed on Twitter that Zerologon is actively being exploited by hackers. "Microsoft is... Read more...
Earlier in the week, we reported on a dangerous exploit with Windows domain controllers called Zerologon. Now, the Cybersecurity and Infrastructure Security Agency (CISA), under the Department of Homeland Security direction, is issuing warnings about the exploit and is pushing government agencies to patch the... Read more...
Secura digital security advisors and researchers, have discovered a highly critical vulnerability with Active Directory domain controllers. Rated as a 10 of 10 on the Common Vulnerability Scoring System (CVSS), this exploit, dubbed Zerologon, allows nefarious people to take over the domain controller and... Read more...
Microsoft's July 2020 Patch Tuesday release has fixes for over 120 security vulnerabilities found in a dozen of its software products. This is typically the case with Patch Tuesday releases, but there is one vulnerability in particular that you should pay close attention to. Microsoft has announced that it released... Read more...
Quick, sound the alarms, GeForce Experience is fatally flawed and we're all doomed. DOOMED, I tell you! Just kidding (I may have had too much coffee this morning)the flaw is not fatal, and we're not doomed. However, NVIDIA really is pushing out a security update to patch a vulnerability in GeForce Experience that... Read more...
Intel has posted a security advisory saying that several of its desktop and mobile processors are susceptible to a vulnerability that could allow an attacker to alter a CPU's voltage and frequency. The goal for an attacker would be to use the exploit to swipe data from within a secured area of the CPU known as Intel... Read more...
Not long after Microsoft issued a bevy of security updates for its products during Patch Tuesday, Intel is holding its own "patch party" for its hardware and software products. Products affected includeIntel's lineup of NUC mini PCsand Compute Sticks along with a few of its software utilities. On the NUC front... Read more...
If you have an NVIDIA GPU in your Windows rig like the newSuper family of GeForce RTXgraphics cards -- now might be a good time to update your graphics driver to the latest version. NVIDIA has pushed out a new update for its graphics drivers that address a total of five security issues within Windows. The least... Read more...
Sometimes it feels as though nary a day goes by without someone sounding the alarm on a new security vulnerability. More recently, there has been a lot of hoopla over side-channel exploits, such as Spectre and Meltdown, and various other variants. Here is another one to add to your mental catalog of... Read more...
There are two main trains of thought when it comes to updating drivers. One is to always install them right away to ensure you are protected from the latest threats, and that everything is working as intended. The second is to wait a bit to make sure there are not any unintended side effects, like sending your system... Read more...
1 2 Next