Thursday, September 20, 2018

Researchers Heat Up Cold-Boot Attack That Works on All Laptops

The attack bypasses BIOS mitigations for cold-boot compromise on models from Apple, Dell, Lenovo and all others made in the last 10 years. Source link

E.U.: Tech Giants Face Big Fines, 1 Hour Limit to Remove Extremist Content

The rules would apply to all hosting service providers offering services in the E.U., regardless of size, even if they’re not based there. Source link

Election security, hacking, Congress, Russian hacking

Election securitySecuring Americans’ votesPublished 14 September 2018To protect the integrity and security of U.S. elections, all local, state, and federal elections should be conducted using human-readable paper ballots by the...

Cisco Umbrella Enterprise Roaming Client Privilege Escalation Vulnerability

Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they...

High-Severity Flaws Patched in Schneider Electric Products

The Schneider Electric PowerLogic PM5560 and Modicon M221 are both susceptible to attack via an array of high-severity flaws. Source link

ThreatList: Microsoft Macros Remain Top Vector for Malware Delivery

The second-most popular delivery method is CVE-2017-11882, a patched Microsoft vulnerability that allows the attacker to perform arbitrary code-execution. Source link

Apple Finally Boots Sneaky Adware Doctor App from Mac App Store

Hours after researchers publicly disclosed an app that was caught stealing and uploading browser history data, Apple removed it from the Mac App Store. Source link

Experts Bemoan Shortcomings with IoT Security Bill

The infosec community say California's IoT security bill is "nice," but doesn't hit on the important issues. Source link

New Threat Actor ‘Rocke’: A Rising Monero Cryptomining Menace

A threat actor been spotted on a number of honeypots looking to download and execute malicious cryptomining malware. Source link

APT10 Under Close Scrutiny as Potentially Linked to Chinese Ministry of State Security

An advanced threat actor has been associated with China’s Ministry of State Security via two individuals and a Chinese firm. Source link

LATEST NEWS

MUST READ