Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Monti, the New Conti: Ransomware Gang Uses Recycled Code

A new group, Monti, appears to have used leaked Conti code, TTPs, and infrastructure approaches to launch its own ransomware campaign.

DARKReading
#vulnerability#intel
Sensitive NATO Data Stolen in Cyberattack on Portugal’s Armed Forces

By Deeba Ahmed According to local media, this is an "extremely serious" leak because EMGFA, Portugal's armed forces' central unit, stores secret NATO information. This is a post from HackRead.com Read the original post: Sensitive NATO Data Stolen in Cyberattack on Portugal’s Armed Forces

US Sanctions Iran Over APT Cyberattack Activity

The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities.

Ubuntu Security Notice USN-5605-1

Ubuntu Security Notice 5605-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5603-1

Ubuntu Security Notice 5603-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5602-1

Ubuntu Security Notice 5602-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

CVE-2022-3077: i2c: ismt: prevent memory corruption in ismt_access() · torvalds/linux@690b254

A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicious input data. This flaw could allow a local user to crash the system.

Microsoft, Cloud Providers Move to Ban Basic Authentication

Microsoft moves ahead with a plan to sunset basic authentication, and other providers are moving — or have moved — to requiring more secure authentication as well. Is your company ready?

LockBit, ALPHV & Other Ransomware Gang Leak Sites Hit by DDoS Attacks

A sweeping effort to prevent a raft of targeted cybercrime groups from posting ransomware victims' data publicly is hampering their operations, causing outages.

A Pragmatic Response to the Quantum Threat

You certainly don't need to panic, but you do need to form a plan to prepare for the post-quantum reality.