Microsoft last month pushed a silent update that patched a processor side channel data leak in all CPUs Intel has introduced since 2012, researchers who discovered the flaw said Tuesday. The vulnerability—discovered and privately reported to Intel 12 months ago—resided in every CPU Intel has introduced since at least its Ivy Bridge line of processors and possibly earlier, a researcher from security firm Bitdefender...
Google security officials are advising Windows users to ensure they’re using the latest version 10 of the Microsoft operating system to protect themselves against a “serious” unpatched vulnerability that attackers have been actively exploiting in the wild. Unidentified attackers have been combining an exploit for the unpatched local privilege escalation in Windows with one for a separate security flaw in the Chrome browser that...
Earlier this year two major vulnerabilities were discovered which affected the core processes of the computer. Named as Spectre and Meltdown, these “speculative execution” vulnerabilities meant hackers could steal data by simply visiting a website. Though there were no known incidents of these vulnerabilities being exploited in the wild, the processor microcode patches could have up to a 30% impact on the performance of...
I’m going to be talking about several things, Malwarebytes, the Malwarebytes Ambassador program, and what that also means for Lunarsoft. Recently, I was accepted into a special program to help raise awareness to people about the importance of your security and malware removal online. This is the Malwarebytes Ambassador program. Since Malwarebytes established their website and forums, I’ve also been a resident expert on...
Intel Corp., trying to defuse concern that fixes to widespread chip security vulnerabilities will slow computers, released test results late Wednesday showing that personal computers won’t be affected much and promised more information on servers. The chipmaker published a table of data showing that older processors handled typical tasks 10 percent slower at most, after being updated with security patches. The information covered three...
If someone invites you to edit a file in Google Docs today, don’t open it — it may be spam from a phishing scheme that’s been spreading quickly this afternoon. As detailed on Reddit, the attack sends targets an emailed invitation from someone they may know, takes them to a real Google sign-in screen, then asks them to “continue to Google Docs.” But this...
The Google Pixel fell to a team of Chinese hackers alongside Apple Safari and Adobe Flash at the PwnFest hacking competition in Seoul on Friday. Mountain View’s latest offering was smashed by white-hat friendlies from Qihoo 360, who used an undisclosed vulnerability to gain remote code execution for $120,000 cash prize. The exploit launched the Google Play store before opening Chrome and displaying a...
Microsoft released 14 new security bulletins on Tuesday, in which, it addressed many security issues including a vulnerability actively exploited by a Russia-linked group and several other bugs for which exploits are publicly available. One of the security updates is MS16-135, a bulletin rated Important on severity level. MS16-135 resolves two information disclosure and three privilege elevation vulnerabilities, including a Windows kernel bug exploited...
What’s worse than knowing that innocent looking JPEGs, PDFs and font files can hijack your iPhone, iPad, and iPod. Yes, attackers can take over your vulnerable Apple’s iOS device remotely – all they have to do is trick you to view a maliciously-crafted JPEG graphic or PDF file through a website or an email, which could allow them to execute malicious code on your...
A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible. While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers...
Recent Forum Activity