#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

dell computers | Breaking Cybersecurity News | The Hacker News

Dell Releases A New Cybersecurity Utility To Detect BIOS Attacks

Dell Releases A New Cybersecurity Utility To Detect BIOS Attacks

Apr 14, 2020
Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS. Dubbed ' SafeBIOS Events & Indicators of Attack ' (IoA), the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their computers undergo some unusual changes. BIOS (Basic Input Output System) is a small but highly-privileged program that handles critical operations and starts your computer before handing it over to your operating system. Protecting the BIOS program is crucial because: Changes to the system BIOS settings could allow malicious software to run during the boot process, Once a hacker takes over the BIOS, he can stealthily control the targeted computer and gain access to the data stored on it, Malware in BIOS remains persistent and doesn't get away even when you format or
Pre-Installed Software Flaw Exposes Most Dell Computers to Remote Hacking

Pre-Installed Software Flaw Exposes Most Dell Computers to Remote Hacking

May 02, 2019
If you use a Dell computer, then beware — hackers could compromise your system remotely. Bill Demirkapi, a 17-year-old independent security researcher, has discovered a critical remote code execution vulnerability in the Dell SupportAssist utility that comes pre-installed on most Dell computers . Dell SupportAssist , formerly known as Dell System Detect , checks the health of your computer system's hardware and software. The utility has been designed to interact with the Dell Support website and automatically detect Service Tag or Express Service Code of your Dell product, scan the existing device drivers and install missing or available driver updates, as well as perform hardware diagnostic tests. If you are wondering how it works, Dell SupportAssist in the background runs a web server locally on the user system, either on port 8884, 8883, 8886, or port 8885, and accepts various commands as URL parameters to perform some-predefined tasks on the computer, like collecting
Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA

Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA

Feb 09, 2024Static Code Analysis
Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches. However, in practice, developers often face a large amount of security work without clear prioritization - and miss a significant portion of the attack surface altogether. The primary issue arises from the detection and prioritization methods used by traditional Static Code Analysis (SCA) tools for vulnerabilities. These methods lack the organizational-specific context needed to make an informed scoring decision: the score, even if critical, might not  actually  be critical for an organization because its infrastructure works in a unique way - affecting the actual impact the vulnerability might have.  In other words, since these tools depend on a relatively naive methodol
Dell Resets All Customers' Passwords After Potential Security Breach

Dell Resets All Customers' Passwords After Potential Security Breach

Nov 29, 2018
Multinational computer technology company Dell disclosed Wednesday that its online electronics marketplace experienced a "cybersecurity incident" earlier this month when an unknown group of hackers infiltrated its internal network. On November 9, Dell detected and disrupted unauthorized activity on its network attempting to steal customer information, including their names, email addresses and hashed passwords. According to the company, the initial investigation found no conclusive evidence that the hackers succeeded to extract any information, but as a countermeasure Dell has reset passwords for all accounts on Dell.com website whether the data had been stolen or not. Dell did not share any information on how hackers managed to infiltrate its network at the first place or how many user accounts were affected, but the company did confirm that payment information and Social Security numbers were not targeted. "Credit card and other sensitive customer information
cyber security

The Critical State of AI in the Cloud

websiteWiz.ioArtificial Intelligence / Cloud Security
Wiz Research reveals the explosive growth of AI adoption and what 150,000+ cloud accounts revealed about the AI surge.
Cybersecurity Resources