New Spectre v2 attack impacts Linux systems on Intel CPUs
Researchers have demonstrated the "first native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems…
New ‘Loop DoS’ attack may impact up to 300,000 online systems
A new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols can pair network services into an indefinite communication loop that creates large…
PixieFail flaws impact PXE network boot in enterprise systems
A set of nine vulnerabilities, collectively called 'PixieFail,' impact the IPv6 network protocol stack of Tianocore's EDK II, the open-source…
3CX warns customers to disable SQL database integrations
VoIP communications company 3CX warned customers today to disable SQL database integrations due to potential risks associated with what it…
Unpatched Zero-Day Bugs in Smart Intercom Allow Remote Eavesdropping
A video-enabled smart intercom made by Chinese company Akuvox has major security vulnerabilities that allow audio and video spying, and…
Windows Mark of the Web Zero-Days Remain Patchless, Under Exploit
A pair of Microsoft bugs allow cyberattackers to bypass native Windows Internet download security, says former CERT CC researcher who…
Microsoft Exchange server zero-day mitigation can be bypassed
Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that…
New PsExec spinoff lets hackers bypass network security defenses
Security researchers have developed an implementation of the Sysinternals PsExec utility that allows moving laterally in a network using a…
Security advisory accidentally exposes vulnerable systems
A security advisory for a vulnerability (CVE) published by MITRE has accidentally been exposing links to remote admin consoles of over…
New Windows Search zero-day added to Microsoft protocol nightmare
A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by…