Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

CVE-2022-0001: Intel: CVE-2022-0001 Branch History Injection

**Why is this Intel CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in certain processor models offered by Intel and was initially disclosed March 8, 2022. Intel published updates April 9, 2024 and this CVE is being documented in the Security Update Guide to inform customers of the available mitigation and its potential performance impact. The mitigation for this vulnerability is **disabled by default** and manual action is required for customers to be protected. The following documentation was updated by Intel on April 9, 2024 and can be referenced for more information: * CVE-2022-0001 * https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/branch-history-injection.html * https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html **What steps are required to protect my system against the ...

Microsoft Security Response Center
#vulnerability#mac#windows#microsoft#linux#intel#Intel#Security Vulnerability
Vietnamese Cybercrime Group CoralRaider Nets Financial Data

With a complex attack chain and using Telegram for its command and control, CoralRaider targets victims in Asian countries — and appears to have accidentally infected itself as well.

Round 2: Change Healthcare Targeted in Second Ransomware Attack

RansomHub, which is speculated to have some connection to ALPHV, has stolen 4TB of sensitive data from the beleaguered healthcare company.

Software-Defined Vehicle Fleets Face a Twisty Road on Cybersecurity

As manufacturers sprint to add software-defined features for vehicles, the ability for third-party maintenance and repair falls behind, leaving businesses with few choices to manage their cybersecurity.

AI Scam Calls: How to Protect Yourself, How to Detect

AI tools are getting better at cloning people’s voices, and scammers are using these new capabilities to commit fraud. Avoid getting swindled by following these expert tips.

US Environmental Protection Agency Allegedly Hacked, 8.5M User Data Leaked

By Waqas Another day, another data breach targeting critical infrastrcuture in the United States! This is a post from HackRead.com Read the original post: US Environmental Protection Agency Allegedly Hacked, 8.5M User Data Leaked

Identity Thief Lived as a Different Man for 33 Years

Plus: Microsoft scolded for a “cascade” of security failures, AI-generated lawyers send fake legal threats, a data broker quietly lobbies against US privacy legislation, and more.

57,000 Kaspersky Fan Club Forum User Data Leaked in Hosting Breach

By Waqas Hacker group RGB claims responsibility for breaching Kaspersky's fan club and the Prosecutor's Office of the Russian Federation, leaking over 100,000 criminal records. This is a post from HackRead.com Read the original post: 57,000 Kaspersky Fan Club Forum User Data Leaked in Hosting Breach

Vulnerabilities Exposed Hugging Face to AI Supply Chain Attacks

By Deeba Ahmed Wiz.io, known for its cloud security expertise, and Hugging Face, a leader in open-source AI tools, are combining their knowledge to develop solutions that address these security concerns. This collaboration signifies a growing focus on securing the foundation of AI advancements. This is a post from HackRead.com Read the original post: Vulnerabilities Exposed Hugging Face to AI Supply Chain Attacks