August 27, 2024 at 04:11PM Intel’s SGX security system vulnerability has been highlighted, allowing an attacker full access to secure enclaves due to a coding error. Although Intel claims physical access is required, and prior vulnerabilities need exploiting, the risk remains significant. The issue lies in SGX software, potentially compromising trusted enclaves. This poses a … Read more
January 23, 2024 at 01:48PM Three vulnerabilities in Lamassu Douro bitcoin ATMs allowed attackers with physical access to take over and steal user assets, as reported by IOActive. The vulnerabilities, tracked as CVE-2024-0175, CVE-2024-0176, and CVE-2024-0177, enabled attackers to execute an attack with the same level of access as regular customers. Lamassu fixed the bugs … Read more
January 11, 2024 at 09:07AM A session management issue (CVE-2024-0230) impacting Bluetooth accessories was addressed with improved checks. The update, released on January 9, 2024, mitigates the risk of attackers extracting Bluetooth pairing keys and monitoring traffic. Affected products include various Magic Keyboards, with an available update to address the issue. Based on the meeting … Read more