New Reptar CPU flaw impacts Intel desktop and server systems

November 14, 2023 at 06:20PM Intel has fixed a high-severity CPU vulnerability that affects modern desktop, server, mobile, and embedded CPUs, including the latest microarchitectures. The flaw, known as CVE-2023-23583, allows attackers to escalate privileges, access sensitive information, or cause denial of service. Intel recommends updating affected processors with the latest microcode and provides mitigation … Read more

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs

November 14, 2023 at 03:34PM CacheWarp, a new software-based fault injection attack, allows threat actors to hack into AMD SEV-protected virtual machines. The attack exploits vulnerabilities in AMD’s SEV-ES and SEV-SNP technology, designed to protect against malicious hypervisors. Malicious actors can manipulate memory writes to escalate privileges and gain remote code execution. Security researchers have … Read more

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

November 14, 2023 at 02:27PM Researchers from the CISPA Helmholtz Center for Information Security have discovered a new software fault attack called CacheWarp that targets AMD’s Secure Encrypted Virtualization (SEV) technology. The attack exploits a vulnerability in SEV to infiltrate encrypted virtual machines and achieve privilege escalation. AMD has released a microcode update to address … Read more

Protected Virtual Machines Exposed to New ‘CacheWarp’ AMD CPU Attack

November 14, 2023 at 01:45PM Researchers have discovered a new attack method called CacheWarp that affects AMD processors. It poses a risk to protected virtual machines by allowing hackers to hijack control flow, break into encrypted VMs, and escalate privileges. CacheWarp is a software-based fault injection attack resulting from an architectural bug in AMD CPUs. … Read more

Experts Expose Farnetwork’s Ransomware-as-a-Service Business Model

November 8, 2023 at 03:21AM Cybersecurity researchers have identified a threat actor known as farnetwork, who has been involved in multiple ransomware-as-a-service (RaaS) programs, including JSWORM, Nefilim, Karma, and Nemty. They have recently launched their own RaaS program using the Nokoyawa ransomware. The threat actor is adept at using stolen corporate account credentials to carry … Read more

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks 

November 6, 2023 at 09:00AM A serious privilege escalation vulnerability, known as CVE-2023-4911 or Looney Tunables, has been exploited by the Kinsing threat group. The group, known for its cryptojacking operations, has targeted major Linux distributions. They have also started collecting new types of information, indicating a potential shift in their activities. Security firm Aqua … Read more

Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges

November 1, 2023 at 11:46AM VMware Carbon Black’s Threat Analysis Unit (TAU) found numerous previously unknown vulnerable kernel drivers that could be used by attackers to modify firmware or escalate privileges. After analyzing 18,000 Windows driver samples, TAU identified 34 unique vulnerable drivers, including ones from major BIOS and chip makers. Exploiting these drivers can … Read more

Apple Ships Major iOS, macOS Security Updates

October 25, 2023 at 03:57PM Apple released major security updates for macOS and iOS, addressing numerous vulnerabilities that could potentially lead to hacker attacks. The updates address a total of 21 iOS security vulnerabilities and 44 macOS flaws, including code execution and data exposure issues. Apple also patched an already-exploited vulnerability reported by Kaspersky. The … Read more

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

October 21, 2023 at 12:33AM Cisco has alerted users to a zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor. The flaw, tracked as CVE-2023-20273, allows for privilege escalation and the deployment of a malicious implant. Cisco has identified a fix and recommends disabling the HTTP server feature until … Read more

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

October 20, 2023 at 06:17PM Cisco has disclosed two high-severity zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, being actively exploited to compromise Cisco IOS XE devices. The company has found fixes for both vulnerabilities and plans to release them on October 22. Over 40,000 devices have already been compromised. System administrators are urged to disable the vulnerable … Read more