Pool Party is a new set of eight Windows process injection techniques that evade endpoint detection and response solutions.
The post New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions appeared first on SecurityWeek.
Future Intel, AMD and Arm CPUs Vulnerable to New ‘SLAM’ Attack: Researchers
Security features that major CPU vendors plan on integrating into their future products can increase the surface for certain types of attacks.
The post Future Intel, AMD and Arm CPUs Vulnerable to New ‘SLAM’ Attack: Researchers appeared first on SecurityWeek.
Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images
LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images.
The post Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images appeared first on SecurityWeek.
Apple Patches WebKit Flaws Exploited on Older iPhones
Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1.
The post Apple Patches WebKit Flaws Exploited on Older iPhones appeared first on SecurityWeek.
Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass
Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass.
The post Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass appeared first on SecurityWeek.
Windows Hello Fingerprint Authentication Bypassed on Popular Laptops
Researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to bypass them.
The post Windows Hello Fingerprint Authentication Bypassed on Popular Laptops appeared first on SecurityWeek.
Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities
Intel and AMD have informed their customers about a total of more than 130 vulnerabilities found in their products.
The post Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities appeared first on SecurityWeek.
New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation
A new Intel CPU vulnerability tracked as Reptar and CVE-2023-23583 can be exploited for DoS attacks and possibly privilege escalation.
The post New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation appeared first on SecurityWeek.
Intel Sued Over ‘Downfall’ CPU Vulnerability
A class action lawsuit has been filed against Intel over its handling of CPU speculative execution vulnerabilities, with a focus on Downfall.
The post Intel Sued Over ‘Downfall’ CPU Vulnerability appeared first on SecurityWeek.
Critical Vulnerabilities Expose Veeam ONE Software to Code Execution
Veeam Software has rolled out patches to cover code execution vulnerabilities in its Veeam ONE IT monitoring product.
The post Critical Vulnerabilities Expose Veeam ONE Software to Code Execution appeared first on SecurityWeek.
