Preparations for the openSUSE.Asia Summit is rolling. Following tradition, we are back with the logo contest. We are looking for a logo reflecting openSUSE and its community in Asia. The contest is open now and ends on 3 August 2016. “Geeko Mystery Box” will be sent as an appreciation for the best logo designed.
BlackBerry is working on 3 new Android phones, codenamed Neon, Argon, and Mercury
Despite reports of lackluster sales for its first Android smartphone, BlackBerry is tripling down on the platform in the coming year. According to a person briefed on the company’s plans, the Canadian manufacturer will be releasing one phone per quarter for the next three quarters.
Codenamed Neon, Argon, and Mercury, the trio will target a range of form factors and price points, according to the briefed individual.
Intel is considering selling its security business as the company tries to focus on delivering chips for cloud computing and connected devices, according to a news report.
The Intel Security business came largely from the company's acquisition for US$7.7 billion of security software company McAfee. Intel announced plans to bake some of the security technology into its chips to ensure higher security for its customers.
A powerful California congressman is pushing the federal government to treat ransomware attacks on medical facilities as data breaches and require notifications of patients.
The pressure is coming from Rep. Ted Lieu (D-Calif.) and follows comments from officials at the Department of Health and Human Services about the department’s plan to issue guidance to health care organizations about ransomware attacks. The Office for Civil Rights section of HHS, which has responsibility for health information privacy, will provide guidance on how to handle ransomware attacks, and Lieu is eager to ensure that the guidance specifically addresses how ransomware attacks relate to data breach regulations.
Hi, everyone! In this article I will continue to publish my research of Lenovo ThinkPad’s firmware. Previously I shown how to discover and exploit SMM callout vulnerabilities on example of SystemSmmAhciAspiLegacyRt UEFI driver 1day vulnerability. Also, I introduced a small toolkit called fwexpl that provides API for comfortable development of firmware exploits for Windows platform. My previous Lenovo exploit was able to execute custom code in SMM, such conditions allow relatively easy bypass of BIOS_CNTL security mechanism which protect firmware code stored inside SPI flash chip on motherboard from unauthorized modifications by operating system (BIOS_CNTL bypass also was discussed in my another article "Breaking UEFI security with software DMA attacks").
Symantec is a popular vendor in the enterprise security market, their flagship product is Symantec Endpoint Protection. They sell various products using the same core engine in several markets, including a consumer version under the Norton brand.
Today we’re publishing details of multiple critical vulnerabilities that we discovered, including many wormable remote code execution flaws.
These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.