Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs

Categorieën: Diensten | Vakmensen Zakelijke goederen Financieel Kantoor Marketing Retail Detailhandel Industrie Machines Leeftijd: 14 t/m 18 jaar 19 t/m 30 jaar 31 t/m 64 jaar

Laden...

11 maanden geleden

Html
Tekst

Hundreds of consumer and enterprise-grade x86 and ARM models from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable to bootkits and takeover

Follow Dark Reading:

December 04, 2023

LATEST SECURITY NEWS & COMMENTARY

Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs Hundreds of consumer and enterprise-grade x86 and ARM models from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable to bootkits and takeover. Simple Hacking Technique Can Extract ChatGPT Training Data Apparently all it takes to get a chatbot to start spilling its secrets is prompting it to repeat certain words like "poem" forever. North Korea APT Slapped With Cyber Sanctions After Satellite Launch Sanctions on Kimsuky/APT43 focuses the world on disrupting DPRK regime's sprawling cybercrime operations, expert says. Japan's Space Program at Risk After Microsoft Active Directory Breach The agency, known as JAXA, has shut down parts of its network as it conducts an investigation to discover the scope and impact of the breach. Emirates CISOs Flag Rampant Cybersecurity Gaps UAE security leaders warn that people, tech, and process gaps are exposing their organizations to cybercrime. The US Needs to Follow Germany's Attack-Detection Mandate A more proactive approach to fighting cyberattacks for US companies and agencies is shaping up under the CISA's proposal to emphasize real-time attack detection and response. Interpol Arrests Smuggler With New Biometric Screening Database Interpol has upgraded its biometric background check tech. It'll help catch criminals, but will it protect sensitive, immutable data belonging to the innocent? MORE NEWS / MORE COMMENTARY


HOT TOPICS
Siemens PLCs Still Vulnerable to Stuxnet-like Cyberattacks Security updates are tedious and difficult, so users continue to use a weak version of a core protocol and remain exposed to major attacks on critical infrastructure. 8 Tips on Leveraging AI Tools Without Compromising Security AI tools can deliver quick and easy results and offer huge business benefits — but they also bring hidden risks. Feds Seize 'Sinbad' Crypto Mixer Used by North Korea's Lazarus The prolific threat actor has laundered hundreds of millions of dollars in stolen virtual currency through the service. MORE

EDITORS' CHOICE

Okta Breach Widens to Affect 100% of Customer Base Early disclosures related to September compromise insisted less than 1% of Okta customers were impacted; now, the company says it was all of them. LATEST FROM THE EDGE
10 Holiday Gifts For Stressed-Out Security Pros These office giving-friendly fidgets, stress balls, brain teasers, and more are perfect to calm the most harried cybersecurity professionals. LATEST FROM DR TECHNOLOGY
The European Space Agency Explores Cybersecurity for Space Industry An ESA cybersecurity expert explains how space-based data and services benefit from public investment in space programs. LATEST FROM DR GLOBAL
Saudi Companies Outsource Cybersecurity Amid 'Serious' Incidents Saudi companies are seeking extra help in droves, because of a lack of tools and personnel.

WEBINARS

Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven

In this session, you'll learn what a holistic approach to SSCS requires, including a comprehensive inventory of your supply chain, connecting risks across the development lifecycle, and leveraging code-to-runtime context to prioritize risks. We'll provide examples of "toxic combinations" between ...

Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing

Many of today's most damaging cyberattacks begin with a phishing lure delivered over corporate email. The attacks against Microsoft Exchange illustrated the extent of damage attackers can inflict by targeting enterprise email servers. Many enterprises still don't have a unified ...

View More Dark Reading Webinars >>

WHITE PAPERS

9 Traits You Need to Succeed as a Cybersecurity Leader The Ultimate Guide to the CISSP

View More White Papers >>

FEATURED REPORTS

The State of Supply Chain Threats Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks

The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Flow Security Launches GenAI DLP The Latest Delinea Secret Server Release Boosts Usability With New Features Code Scanner by Piiano Helps Enterprises Prevent Data Leaks Proactively MORE PRODUCTS & RELEASES

CURRENT ISSUE

Tips for a Streamlined Transition to Zero Trust
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Deel deze op

Laden...

Andere nieuwsbrieven van Informationweek.com

Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets | Fancy Bear's Nearest Neighbor Uses Nearby Wi-Fi Network Informationweek.com
16 uren geleden
How to Create an Accurate IT Project Timeline Informationweek.com
18 uren geleden
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor Informationweek.com
20 uren geleden

Meer nieuwsbrieven van Informationweek.com

Laden...

Gerelateerde nieuwsbrieven

Bekijk andere categorieën

Diensten | Vakmensen Zakelijke goederen Financieel Kantoor Marketing Retail Detailhandel Industrie Machines

Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs

Tips for a Streamlined Transition to Zero Trust

Deel deze op

Andere nieuwsbrieven van Informationweek.com

Gerelateerde nieuwsbrieven

Bekijk andere categorieën