Endpoint Security

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks

Endpoint Security, Vulnerabilities /

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks 04/10/2023 at 18:16 By Ionut Arghire Supermicro has released BMC IPMI firmware updates to address multiple vulnerabilities impacting select motherboard models. The post New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks Read More »

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data

Endpoint Security, GPU, side-channel attack /

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data 27/09/2023 at 12:32 By Eduard Kovacs GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip. The post New GPU Side-Channel Attack Allows Malicious Websites to Steal Data appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data Read More »

Microsoft Adding New Security Features to Windows 11

Endpoint Security, Microsoft, Windows /

Microsoft Adding New Security Features to Windows 11 26/09/2023 at 20:46 By Eduard Kovacs Microsoft announced that the latest Windows 11 update (23H2) will bring more support for passkeys and several new security features.   The post Microsoft Adding New Security Features to Windows 11 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Adding New Security Features to Windows 11 Read More »

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179)

Don't miss, Endpoint Security, enterprise, Hot stuff, News, patch, security update, Trend Micro, vulnerability /

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) 21/09/2023 at 11:46 By Zeljka Zorz Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in the wild. About CVE-2023-41179 The nature of the flaw hasn’t been revealed, but we know

React to this headline:

Loading spinner

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) Read More »

Intel Launches New Attestation Service as Part of Trust Authority Portfolio

cloud security, Endpoint Security /

Intel Launches New Attestation Service as Part of Trust Authority Portfolio 20/09/2023 at 21:31 By Eduard Kovacs Intel announces general availability of attestation service that is part of Trust Authority, a new portfolio of security software and services. The post Intel Launches New Attestation Service as Part of Trust Authority Portfolio appeared first on SecurityWeek.

React to this headline:

Loading spinner

Intel Launches New Attestation Service as Part of Trust Authority Portfolio Read More »

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products

Endpoint Security, exploited, Trend Micro, Vulnerabilities, Zero-Day /

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products 19/09/2023 at 15:47 By Eduard Kovacs Trend Micro has patched CVE-2023-41179, an Apex One zero-day code execution vulnerability that has been exploited in attacks.  The post Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products Read More »

Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates

Endpoint Security, Management & Strategy, Vulnerabilities /

Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates 18/09/2023 at 18:09 By Ionut Arghire Google Chromebooks released from 2021 and onwards will receive automatic updates, including security patches, for 10 years. The post Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates Read More »

Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap

certificate, Emsisoft, Endpoint Security /

Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap 08/09/2023 at 15:02 By Ionut Arghire Emsisoft urges its users to update anti-malware and other security products after signing them with an improperly issued digital certificate. The post Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap appeared first on

React to this headline:

Loading spinner

Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap Read More »

Companies Respond to ‘Downfall’ Intel CPU Vulnerability 

Endpoint Security, Vulnerabilities /

Companies Respond to ‘Downfall’ Intel CPU Vulnerability  18/08/2023 at 15:49 By Eduard Kovacs Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs. The post Companies Respond to ‘Downfall’ Intel CPU Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Companies Respond to ‘Downfall’ Intel CPU Vulnerability  Read More »

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking

ATM, Endpoint Security, Featured, Vulnerabilities, vulnerability /

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking 14/08/2023 at 13:46 By Eduard Kovacs Several vulnerabilities discovered in Iagona ScrutisWeb ATM fleet monitoring software could be exploited to remotely hack ATMs. The post Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking Read More »

Automated Security Control Assessment: When Self-Awareness Matters

ASCA, Endpoint Security /

Automated Security Control Assessment: When Self-Awareness Matters 09/08/2023 at 15:17 By Torsten George Automated Security Control Assessment enhances security posture by verifying proper, consistent configurations of security controls, rather than merely confirming their existence. The post Automated Security Control Assessment: When Self-Awareness Matters appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Automated Security Control Assessment: When Self-Awareness Matters Read More »

Intel Addresses 80 Firmware, Software Vulnerabilities

Endpoint Security, Intel, patch, Patch Tuesday, Vulnerabilities /

Intel Addresses 80 Firmware, Software Vulnerabilities 09/08/2023 at 15:17 By Eduard Kovacs Intel has addressed 80 vulnerabilities affecting its products, including 18 high-severity privilege escalation and DoS flaws. The post Intel Addresses 80 Firmware, Software Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Intel Addresses 80 Firmware, Software Vulnerabilities Read More »

New ‘Inception’ Side-Channel Attack Targets AMD Processors

Amd, CPU, Endpoint Security, Vulnerabilities /

New ‘Inception’ Side-Channel Attack Targets AMD Processors 09/08/2023 at 12:17 By Eduard Kovacs Researchers have disclosed the details of a new side-channel attack targeting AMD CPUs named Inception. The post New ‘Inception’ Side-Channel Attack Targets AMD Processors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

New ‘Inception’ Side-Channel Attack Targets AMD Processors Read More »

Downfall: New Intel CPU Attack Exposing Sensitive Information

CPU, Endpoint Security, Featured, Intel, Vulnerabilities /

Downfall: New Intel CPU Attack Exposing Sensitive Information 09/08/2023 at 09:32 By Eduard Kovacs Google researcher discloses the details of an Intel CPU attack method named Downfall that may be remotely exploitable. The post Downfall: New Intel CPU Attack Exposing Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Downfall: New Intel CPU Attack Exposing Sensitive Information Read More »

The ransomware rollercoaster continues as criminals advance their business models

Black Hat USA 2023, CVE, cybercrime, cybersecurity, Endpoint Security, Fortinet, Malware, MITRE, News, Ransomware, report, survey /

The ransomware rollercoaster continues as criminals advance their business models 09/08/2023 at 06:02 By Help Net Security Ransomware shows no signs of slowing, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections, according to Fortinet. Ransomware detections 1H 2023 FortiGuard Labs has documented substantial

React to this headline:

Loading spinner

The ransomware rollercoaster continues as criminals advance their business models Read More »

Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack

CPU, Endpoint Security, Featured, side-channel attack /

Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack 01/08/2023 at 20:15 By Eduard Kovacs A new power side-channel attack named Collide+Power can allow an attacker to obtain sensitive information and it works against nearly any modern CPU. The post Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack appeared first

React to this headline:

Loading spinner

Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack Read More »

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information

Endpoint Security, Vulnerabilities /

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information 25/07/2023 at 15:48 By Eduard Kovacs AMD has released microcode patches to address Zenbleed, a vulnerability in its Zen 2 CPUs that can allow an attacker to access sensitive information. The post AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information Read More »

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices

AMI, BMC, Endpoint Security, Vulnerabilities /

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices 20/07/2023 at 21:18 By Eduard Kovacs Two new serious vulnerabilities in AMI BMC, which is used by millions of devices, can allow attackers to take control of systems and cause physical damage. The post New AMI BMC Flaws Allowing Takeover and

React to this headline:

Loading spinner

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices Read More »

MOVEit: Testing the Limits of Supply Chain Security

Endpoint Security, MOVEit, Risk Management /

MOVEit: Testing the Limits of Supply Chain Security 12/07/2023 at 14:54 By Torsten George The need for cyber resilience arises from the growing realization that traditional security measures are no longer enough to protect systems, data, and the network from compromise. The post MOVEit: Testing the Limits of Supply Chain Security appeared first on SecurityWeek.

React to this headline:

Loading spinner

MOVEit: Testing the Limits of Supply Chain Security Read More »

Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals

certificates, China, cybercrime, driver, Endpoint Security /

Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals 12/07/2023 at 14:54 By Eduard Kovacs Microsoft has revoked signed drivers used for post-exploitation activity, in many cases by Chinese cybercriminals. The post Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals Read More »

Scroll to Top