Endpoint Security New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions Pool Party is a new set of eight Windows process injection techniques that evade endpoint detection and response solutions. Ionut ArghireDecember 7, 2023
Endpoint Security Future Intel, AMD and Arm CPUs Vulnerable to New ‘SLAM’ Attack: Researchers Security features that major CPU vendors plan on integrating into their future products can increase the surface for certain types of attacks. Eduard KovacsDecember 7, 2023
Endpoint Security Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images. Eduard KovacsDecember 6, 2023
Endpoint Security Apple Patches WebKit Flaws Exploited on Older iPhones Apple's security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1. Ryan NaraineNovember 30, 2023
Data Protection Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass. Ionut ArghireNovember 27, 2023
Endpoint Security Windows Hello Fingerprint Authentication Bypassed on Popular Laptops Researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to bypass them. Eduard KovacsNovember 22, 2023
Endpoint Security Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities Intel and AMD have informed their customers about a total of more than 130 vulnerabilities found in their products. Eduard KovacsNovember 15, 2023
Endpoint Security New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation A new Intel CPU vulnerability tracked as Reptar and CVE-2023-23583 can be exploited for DoS attacks and possibly privilege escalation. Eduard KovacsNovember 15, 2023
Endpoint Security Intel Sued Over ‘Downfall’ CPU Vulnerability A class action lawsuit has been filed against Intel over its handling of CPU speculative execution vulnerabilities, with a focus on Downfall. Eduard KovacsNovember 10, 2023
Endpoint Security Critical Vulnerabilities Expose Veeam ONE Software to Code Execution Veeam Software has rolled out patches to cover code execution vulnerabilities in its Veeam ONE IT monitoring product. Ionut ArghireNovember 7, 2023
Endpoint Security Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges VMware’s Threat Analysis Unit finds 34 new vulnerable kernel drivers that can be exploited to alter or erase firmware and escalate privileges. Eduard KovacsNovember 1, 2023
Endpoint Security Apple Ships Major iOS, macOS Security Updates Apple patches dozens of serious security flaws in its macOS and iOS platforms, warning that hackers could launch code execution exploits. Ryan NaraineOctober 25, 2023