The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

It appears there is no end in sight to the hardware level security vulnerabilities in Intel processors, as well as to the endless 'performance killing' patches that resolve them. Modern Intel CPUs have now been found vulnerable to a new attack that involves reversely exploiting Meltdown-type data leak vulnerabilities to bypass existing defenses, two separate teams of researchers told The Hacker News. Tracked as CVE-2020-0551 , dubbed " Load Value Injection in the Line Fill Buffers" or LVI-LFB for short, the new speculative-execution attack could let a less privileged attacker steal sensitive information—encryption keys or passwords—from the protected memory and subsequently, take significant control over a targeted system. According to experts at Bitdefender and academic researchers from a couple of universities, the new attack is particularly devastating in multi-tenant environments such as enterprise workstations or cloud servers in the datacenter. And

A federal judge in New York on Monday declared a mistrial in the case of a former CIA software engineer who was accused of stealing a massive trove of the agency's classified hacking and tools and leaking it to WikiLeaks whistleblower website. While the jury was unable to reach a verdict on eight counts of the theft and transmission of CIA's confidential documents, it did find ex-CIA Joshua Schulte guilty on two counts of contempt of court and making false statements to the FBI investigators. Schulte's lawyers last month asked the court for a mistrial in this case claiming the prosecutors withheld evidence that could exonerate his client during the four-week trial in the Manhattan federal court. Potentially, as a result of this, jurors failed to reach a unanimous agreement on the most severe charges against Schulte after deliberating since last week. Schulte, who designed hacking tools and malware for both the CIA and NSA to break into adversaries computers,

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research. Known as " Take A Way ," the new potential attack vectors leverage the L1 data (L1D) cache way predictor in AMD's Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption. The research was published by a group of academics from the Graz University of Technology and Research Institute of Computer Science and Random Systems (IRISA), who responsibly disclosed the vulnerabilities to AMD back in August 2019. "We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way," AMD said in an advisory posted on its website over the weekend

All Intel processors released in the past 5 years contain an unpatchable vulnerability that could allow hackers to compromise almost every hardware-enabled security technology that are otherwise designed to shield sensitive data of users even when a system gets compromised. The vulnerability, tracked as CVE-2019-0090 , resides in the hard-coded firmware running on the ROM ("read-only memory") of the Intel's Converged Security and Management Engine (CSME), which can't be patched without replacing the silicon. Intel CSME is a separate security micro-controller incorporated into the processors that provides an isolated execution environment protected from the host opening system running on the main CPU. It is responsible for the initial authentication of Intel-based systems by loading and verifying firmware components, root of trust based secure boot, and also cryptographically authenticates the BIOS, Microsoft System Guard, BitLocker, and other security features

On the same day yesterday, when the US-based telecom giant T-Mobile admitted a data breach , the UK-based telecommunication provider Virgin Media announced that it has also suffered a data leak incident exposing the personal information of roughly 900,000 customers. What happened? Unlike the T-Mobile data breach that involved a sophisticated cyber attack, Virgin Media said the incident was neither a cyber attack nor the company's database was hacked. Rather the personal details of around 900,000 Virgin Media UK-based customers were exposed after one of its marketing databases was left unsecured on the Internet and accessible to anyone without requiring any authentication. "The precise situation is that information stored on one of our databases has been accessed without permission. The incident did not occur due to a hack, but as a result of the database being incorrectly configured," the company said in a note published on its website on Thursday night. Acc

The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon (pppd) software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices. The affected pppd software is an implementation of Point-to-Point Protocol (PPP) that enables communication and data transfer between nodes, primarily used to establish internet links such as those over dial-up modems, DSL broadband connections, and Virtual Private Networks. Discovered by IOActive security researcher Ilja Van Sprundel , the critical issue is a stack buffer overflow vulnerability that exists due to a logical error in the Extensible Authentication Protocol (EAP) packet parser of the pppd software, an extension that provides support for additional authentication methods in PPP connections. The vulnerability , tracked as CVE-2020-8597  with CVSS Score 9.8, can be exploited by unau

More than 200 million records containing a wide range of property-related information on US residents were left exposed on a database that was accessible on the web without requiring any password or authentication. The exposed data — a mix of personal and demographic details — included the name, address, email address, age, gender, ethnicity, employment, credit rating, investment preferences, income, net worth, and property information, such as: Market value Property type Mortgage amount, rate, type, and lender Refinance amount, rate, type, and lender Previous owners Year built Number of beds and bathrooms Tax assessment information According to security firm Comparitech , the database, which was hosted on Google Cloud, is said to have been first indexed by search engine BinaryEdge on 26th January and discovered a day later by cybersecurity researcher Bob Diachenko. But after failing to identify the database owner, the server was eventually taken offline more than a

If you are a T-Mobile customer, this news may concern you. US-based telecom giant T-Mobile has suffered yet another data breach incident that recently exposed personal and accounts information of both its employees and customers to unknown hackers. What happened? In a breach notification posted on its website, T-Mobile today said its cybersecurity team recently discovered a sophisticated cyberattack against the email accounts of some of its employees that resulted in unauthorized access to the sensitive information contained in it, including details for its customers and other employees. Although the telecom company did not disclose how the breach happened, when it happened, and exactly how many employees and users were affected, it did confirm that the leaked information on its users doesn't contain financial information like credit card and Social Security numbers. What type of information was accessed? The exposed data of an undisclosed number of affected users incl