System administrators have even less time to patch disclosed security vulnerabilities than previously thought, as a…
Category: Security
Luca Stealer malware spreads after code appears on GitHub
Cool, another Rust project … Oh wait… Read more…
Experts Uncover New ‘CosmicStrand’ UEFI Firmware Rootkit Used by Chinese Hackers
Researchers have discovered a new UEFI firmware rootkit malware, dubbed “CosmicStrand,” that Chinese hackers have been…
Hardcoded password in Confluence app has been leaked on Twitter
Advisory had already warned hardcoded password was “trivial to obtain.” Read more at Ars Technica…
New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
Researchers uncover “Lightning Framework,” a new Swiss Army Knife-like Linux malware that has modular plugins and…
Researcher uses 379-year-old algorithm to crack crypto keys found in the wild
It takes only a second to crack the handful of weak keys. Are there more out…
Linux has been bitten by its most high-severity vulnerability in years
Dirty Pipe has the potential to smudge people using Linux and Linux derivitives. Read more at…
New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container
A new vulnerability in the Linux kernel’s control groups feature could let attackers to escape a…
Linux developers patch security holes faster than anyone else, says Google Project Zero | ZDNet
Linux programmers do a better job of patching security holes than programmers at Apple, Google, and…
Millions of Routers Exposed to RCE by USB Kernel Bug
The high-severity RCE flaw is in the KCodes NetUSB kernel module, used by popular routers from…
Raspberry Pi Detects Malware Using Electromagnetic Waves
Researchers take antivirus support to the next level with the Raspberry Pi. Read more at Tom’s…
DDR4 memory protections are broken wide open by new Rowhammer technique
Researchers build “fuzzer” that supercharges potentially serious bitflipping exploits. Read more at Ars Technica…
PS5 Exploit: Fail0verflow show decrypted PS5 firmware files (they already have the PS5 keys???) – Wololo.net
What a day for the PS5 scene! After TheFloW shared what appears to be a PS5…
The Deep-Learning Algorithm Can Guess an ATM PIN, Even With Keypads Covered
The algorithm only fails to guess the ATM PIN with 100% hand coverage. Whereas the attackers…
Python ransomware strikes virtual machines in ‘ultra-high-speed’ attacks
The attack was unique for its speed and use of a Python ransomware Read more at…
Wireless key-logger hidden inside USB-C to Lightning cable
A USB-C to Lightning cable with a hidden wireless key-logger can enable an attacker to capture…
AI Wrote Better Phishing Emails Than Humans in a Recent Test
Researchers found that tools like OpenAI’s GPT-3 helped craft devilishly effective spearphishing messages. Read more at…
Software downloaded 30,000 times from PyPI ransacked developers’ machines
Expect to see more of these “Frankenstein” malware packages, researchers warn. Read more at Ars Technica…
Pegasus Spyware: This New App Says It Can Instantly Check For Pegasus
Pegasus spyware might be becoming a bit easier to find, because iVerify has added the capability…
4 vulnerabilities under attack give hackers full control of Android devices
Google updates a 2-week-old security bulletin to say some vulnerabilities were 0-days. Read more at Ars…