Hi, what are you looking for?
Apple's security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1.
Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass.
Researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to bypass them.
Intel and AMD have informed their customers about a total of more than 130 vulnerabilities found in their products.
A new Intel CPU vulnerability tracked as Reptar and CVE-2023-23583 can be exploited for DoS attacks and possibly privilege escalation.
A class action lawsuit has been filed against Intel over its handling of CPU speculative execution vulnerabilities, with a focus on Downfall.
A new power side-channel attack named Collide+Power can allow an attacker to obtain sensitive information and it works against nearly any modern CPU.
AMD has released microcode patches to address Zenbleed, a vulnerability in its Zen 2 CPUs that can allow an attacker to access sensitive information.
Two new serious vulnerabilities in AMI BMC, which is used by millions of devices, can allow attackers to take control of systems and cause...
The need for cyber resilience arises from the growing realization that traditional security measures are no longer enough to protect systems, data, and the...
Western Digital is blocking access to its cloud services for devices running firmware versions impacted by a critical security vulnerability.
CISA and the NSA have published new guidance to help organizations harden baseboard management controllers (BMCs).
Microsoft is making SMB signing a default requirement in Windows 11 Enterprise editions, starting with insider preview build 25381.
Gigabyte has announced BIOS updates that remove a recently identified backdoor feature in hundreds of its motherboards.
A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations.
Security agencies say the Cyber Av3ngers group targeting ICS at multiple water facilities is affiliated with the Iranian government.
While applications and cloud infrastructure present different risk profiles and require different security assessments, they must not be viewed separately with regards to enterprise...