Thunderbolt flaws affect millions of computers – even locking unattended devices won’t help

A Dutch researcher has detailed nine attack scenarios that work against all computers with Thunderbolt shipped since 2011 and which allow an attacker with physical access to quickly steal data from encrypted drives and memory. Researcher Björn Ruytenberg detailed the Read More …

Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment

A team of academics says they’ve discovered a new security bug that impacts Xilinx FPGA (Field Programmable Gate Arrays) chipsets. Named Starbleed, the bug allows attackers — with both physical or remote access — to extract and tamper with an Read More …

Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks

According to new research published today, modern RAM cards are still vulnerable to Rowhammer attacks despite extensive mitigations that have been deployed by manufacturers over the past six years. These mitigations, collectively referred to as Target Row Refresh (TRR), are Read More …

Five years after the Equation Group HDD hacks, firmware security still sucks

In a report published today, Eclypsium, a cyber-security firm specialized in firmware security, says that the issue of unsigned firmware is still a widespread problem among device and peripheral manufactures. According to researchers, many device makers still don’t sign the Read More …

3 Critical Bugs Allow Remote Attacks on Cisco NX-OS and Switches

Cisco Systems has issued patches for three critical vulnerabilities impacting a key tool for managing its network platform and switches. The bugs could allow an unauthenticated, remote attacker to bypass endpoint authentication and execute arbitrary actions with administrative privileges on Read More …

DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet

Trend Micro recently found notable malware activity affecting devices running Linux, a platform that has battled numerous issues just this year. Further analysis of retrieved malware samples revealed that these actions were connected to a botnet called Momentum (named for the Read More …

New ransomware attacks target your NAS devices, backup storage

The number of ransomware strains targeting NAS and backup storage devices is growing, with users “unprepared” for the threat, researchers say. Ransomware comes in many forms and guises. The malware variant is popular with cybercriminals and is used in attacks against Read More …