Category Archives: Uncategorized

Intel fixes high-severity CPU bug that causes “very strange behavior”

reader comments 15 with Intel on Tuesday pushed microcode updates to fix a high-severity CPU bug that has the potential to be maliciously exploited against cloud-based hosts. The flaw, affecting virtually all modern Intel CPUs, causes them to “enter a glitch state where the normal rules don’t apply,” Tavis Ormandy, one of several security researchers… Read More »

This tiny device is sending updated iPhones into a never-ending DoS loop

Enlarge / A fully updated iPhone (left) after being force crashed by a Flipper Zero (right). Jeroen van der Ham reader comments 153 with One morning two weeks ago, security researcher Jeroen van der Ham was traveling by train in the Netherlands when his iPhone suddenly displayed a series of pop-up windows that made it… Read More »

Hackers can force iOS and macOS browsers to divulge passwords and much more

Kim et al. reader comments 49 with Researchers have devised an attack that forces Apple’s Safari browser to divulge passwords, Gmail message content, and other secrets by exploiting a side channel vulnerability in the A- and M-series CPUs running modern iOS and macOS devices. iLeakage, as the academic researchers have named the attack, is practical… Read More »

GPUs from all major suppliers are vulnerable to new pixel-stealing attack

reader comments 10 with GPUs from all six of the major suppliers are vulnerable to a newly discovered attack that allows malicious websites to read the usernames, passwords, and other sensitive visual data displayed by other websites, researchers have demonstrated in a paper published Tuesday. The cross-origin attack allows a malicious website from one domain—say,… Read More »

How China gets free intel on tech companies’ vulnerabilities

Wired staff; Getty Images reader comments 46 with For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. Intelligence agencies and militaries seize on hackable bugs when they’re revealed—exploiting them to carry out their campaigns of espionage or cyberwar—or spend millions to dig up new ones or to buy them in secret from the hacker gray… Read More »

Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking

reader comments 12 with The maintainers of the open source software that powers the Mastodon social network published a security update on Thursday that patches a critical vulnerability making it possible for hackers to backdoor the servers that push content to individual users. Mastodon is based on a federated model. The federation comprises thousands of… Read More »

Messenger billed as better than Signal is riddled with vulnerabilities

Getty Images reader comments 60 with 0 posters participating Share this story Academic researchers have discovered serious vulnerabilities in the core of Threema, an instant messenger that its Switzerland-based developer says provides a level of security and privacy “no other chat service” can offer. Despite the unusually strong claims and two independent security audits Threema… Read More »

Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation

Enlarge / Fawley Oil Refinery on a bright day. Getty Images reader comments 43 with 0 posters participating Share this story One of the Kremlin’s most active hacking groups targeting Ukraine recently tried to hack a large petroleum refining company located in a NATO country. The attack is a sign that the group is expanding… Read More »

Prosecutors charge 6 people for allegedly waging massive DDoS attacks

Getty Images reader comments 16 with 0 posters participating Share this story Federal prosecutors on Wednesday charged six people for allegedly operating websites that launched millions of powerful distributed denial-of-service attacks on a wide array of victims on behalf of millions of paying customers. The sites promoted themselves as booter or stressor services designed to… Read More »