reader comments 15 with Intel on Tuesday pushed microcode updates to fix a high-severity CPU bug that has the potential to be maliciously exploited against cloud-based hosts. The flaw, affecting virtually all modern Intel CPUs, causes them to “enter a glitch state where the normal rules don’t apply,” Tavis Ormandy, one of several security researchers… Read More »
Enlarge / A fully updated iPhone (left) after being force crashed by a Flipper Zero (right). Jeroen van der Ham reader comments 153 with One morning two weeks ago, security researcher Jeroen van der Ham was traveling by train in the Netherlands when his iPhone suddenly displayed a series of pop-up windows that made it… Read More »
Kim et al. reader comments 49 with Researchers have devised an attack that forces Apple’s Safari browser to divulge passwords, Gmail message content, and other secrets by exploiting a side channel vulnerability in the A- and M-series CPUs running modern iOS and macOS devices. iLeakage, as the academic researchers have named the attack, is practical… Read More »
reader comments 10 with GPUs from all six of the major suppliers are vulnerable to a newly discovered attack that allows malicious websites to read the usernames, passwords, and other sensitive visual data displayed by other websites, researchers have demonstrated in a paper published Tuesday. The cross-origin attack allows a malicious website from one domain—say,… Read More »
Wired staff; Getty Images reader comments 46 with For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. Intelligence agencies and militaries seize on hackable bugs when they’re revealed—exploiting them to carry out their campaigns of espionage or cyberwar—or spend millions to dig up new ones or to buy them in secret from the hacker gray… Read More »
reader comments 12 with The maintainers of the open source software that powers the Mastodon social network published a security update on Thursday that patches a critical vulnerability making it possible for hackers to backdoor the servers that push content to individual users. Mastodon is based on a federated model. The federation comprises thousands of… Read More »
Getty Images reader comments 18 with A platform that provides plugin software for the wildly popular Minecraft game is advising users to immediately stop downloading or updating mods after discovering malware has been injected into dozens of offerings it makes available online. The mod-developer accounts were hosted by CurseForge, a platform that hosts accounts and… Read More »
Getty Images reader comments 60 with 0 posters participating Share this story Academic researchers have discovered serious vulnerabilities in the core of Threema, an instant messenger that its Switzerland-based developer says provides a level of security and privacy “no other chat service” can offer. Despite the unusually strong claims and two independent security audits Threema… Read More »
Enlarge / Fawley Oil Refinery on a bright day. Getty Images reader comments 43 with 0 posters participating Share this story One of the Kremlin’s most active hacking groups targeting Ukraine recently tried to hack a large petroleum refining company located in a NATO country. The attack is a sign that the group is expanding… Read More »
Getty Images reader comments 16 with 0 posters participating Share this story Federal prosecutors on Wednesday charged six people for allegedly operating websites that launched millions of powerful distributed denial-of-service attacks on a wide array of victims on behalf of millions of paying customers. The sites promoted themselves as booter or stressor services designed to… Read More »