Security Leftovers
-
Extracting Qualcomm's KeyMaster Keys - Breaking Android Full Disk Encryption
-
Hacked!
-
Security advisories for Wednesday
-
Security updates for Thursday
-
Over 100 DDoS botnets built using Linux malware for embedded devices
-
LizardStresser botnet targets IoT devices to launch 400Gbps attacks
-
LizardSquad botnet changes colour to use IoT for 400Gbps attacks
-
Crooked Cameras? New CCTV Botnet Drives Massive DDoS Attack
-
LizardStresser IoT botnet launches 400Gbps DDoS attack
-
25k connected cameras used as botnets; can your CCTV be hacked?
-
Huge CCTV Botnet Uncovered
-
Thousands of hacked CCTV devices used in DDoS attacks
-
Lizard Squad's IoT botnet launches 400Gbps DDoS attack
-
Intel is said to mull sale of its security business
Intel is considering selling its security business as the company tries to focus on delivering chips for cloud computing and connected devices, according to a news report.
The Intel Security business came largely from the company's acquisition for US$7.7 billion of security software company McAfee. Intel announced plans to bake some of the security technology into its chips to ensure higher security for its customers.
-
Ransomware Attacks May Trigger Breach Notifications
A powerful California congressman is pushing the federal government to treat ransomware attacks on medical facilities as data breaches and require notifications of patients.
The pressure is coming from Rep. Ted Lieu (D-Calif.) and follows comments from officials at the Department of Health and Human Services about the department’s plan to issue guidance to health care organizations about ransomware attacks. The Office for Civil Rights section of HHS, which has responsibility for health information privacy, will provide guidance on how to handle ransomware attacks, and Lieu is eager to ensure that the guidance specifically addresses how ransomware attacks relate to data breach regulations.
-
Exploring and exploiting Lenovo firmware secrets
Hi, everyone! In this article I will continue to publish my research of Lenovo ThinkPad’s firmware. Previously I shown how to discover and exploit SMM callout vulnerabilities on example of SystemSmmAhciAspiLegacyRt UEFI driver 1day vulnerability. Also, I introduced a small toolkit called fwexpl that provides API for comfortable development of firmware exploits for Windows platform. My previous Lenovo exploit was able to execute custom code in SMM, such conditions allow relatively easy bypass of BIOS_CNTL security mechanism which protect firmware code stored inside SPI flash chip on motherboard from unauthorized modifications by operating system (BIOS_CNTL bypass also was discussed in my another article "Breaking UEFI security with software DMA attacks").
-
How to Compromise the Enterprise Endpoint
Symantec is a popular vendor in the enterprise security market, their flagship product is Symantec Endpoint Protection. They sell various products using the same core engine in several markets, including a consumer version under the Norton brand.
Today we’re publishing details of multiple critical vulnerabilities that we discovered, including many wormable remote code execution flaws.
These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.
- Login or register to post comments
- Printer-friendly version
- 3478 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago