BleepingComputer.com

"New GoFetch attack on Apple Silicon CPUs can steal crypto keys."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 22 March 2024, 1520 UTC.

Content and Source:   https://www.bleepingcomputer.com/BleepingComputer.com.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

New GoFetch attack on Apple Silicon CPUs can steal crypto keys

  • A new side-channel attack called "GoFetch" impacts Apple M1, M2, and M3 processors and can be used to steal secret cryptographic keys from data in the CPU's cache.

  • Arduino
     
    DEALS

Build your own IoT gear with $350 off Raspberry Pi & Arduino training

  • Why wait for a company to manufacture the tech you need when you can build it yourself? These nine Raspberry Pi and Arduino courses show you how for $69.99, $353 off the $423 MSRP.

    • BLEEPINGCOMPUTER DEALS
      •  
    • MARCH 22, 2024
      •  
    • 07:17 AM
      •  
    • Comment Count 0
  • Pwn2Own Vancouver
     
    SECURITY

Hackers earn $1,132,500 for 29 zero-days at Pwn2Own Vancouver

  • Pwn2Own Vancouver 2024 has ended with security researchers collecting $1,132,500 after demoing 29 zero-days (and some bug collisions).

  • Windows 11
     
    MICROSOFT

Windows 11 Notepad finally gets spellcheck and autocorrect

  • Microsoft continues to add new features to the Windows Notepad, today announcing a preview release with built-in spellchecking and an autocorrect feature.

  • KDE
     
    LINUX, SECURITY

KDE advises extreme caution after theme wipes Linux user's files

  • On Wednesday, the KDE team warned Linux users to exercise "extreme caution" when installing global themes, even from the official KDE Store, because these themes run arbitrary code on devices to customize the desktop's appearance.

  • Windows 10
     
    DEALS

This Windows 11 Pro and Microsoft Office 2019 bundle is now under $50

  • Grab this Windows 11 Pro and Microsoft Office 2019 lifetime license bundle while it's on sale for just $49.97 (reg. $408) through March 24 at 11:59 p.m. PT. No coupon is needed.

    • BLEEPINGCOMPUTER DEALS
      •  
    • MARCH 21, 2024
      •  
    • 02:21 PM
      •  
    • Comment Count 1
  • RFID Hotel Room Door Unlock
     
    SECURITY, HARDWARE

Unsaflok flaw can let hackers unlock millions of hotel doors

  • Security vulnerabilities in over 3 million Saflok electronic RFID locks deployed in 13,000 hotels and homes worldwide allowed researchers to easily unlock any door in a hotel by forging a pair of keycards.

  • WordPress
     
    SECURITY

Evasive Sign1 malware campaign infects 39,000 WordPress sites

  • A previously unknown malware campaign called Sign1 has infected over 39,000 websites over the past six months, causing visitors to see unwanted redirects and popup ads.

  • Fortinet
     
    SECURITY

Exploit released for Fortinet RCE bug used in attacks, patch now

  • Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.

  • What the Latest Ransomware Attacks Teach About Defending Networks
     
    SECURITY
    SPONSORED CONTENT

What the Latest Ransomware Attacks Teach About Defending Networks

  • Recent ransomware attacks have shared valuable lessons on how to limit risk to your own networks. Learn from Blink Ops about how organizations can limit their ransomware risk.

  • Windows Server
     
    MICROSOFT

Microsoft confirms Windows Server issue behind domain controller crashes

  • Microsoft confirmed that a memory leak introduced with the March 2024 Windows Server security updates is behind a widespread issue causing Windows domain controllers to crash.

  • Coder Programmer
     
    DEALS

Learn new coding skills with $550 off StackSkills Unlimited

  • Picking up new skills and ideas is part of the joy of life. This lifetime subscription to StackSkills Unlimited provides hours of training for $49.99, $550 off the $599 MSRP.

    • BLEEPINGCOMPUTER DEALS
      •  
    • MARCH 21, 2024
      •  
    • 07:15 AM
      •  
    • Comment Count 0
  • Pwn2Own Vancouver
     
    SECURITY, LINUX, MICROSOFT, SOFTWARE

Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver

  • On the first day of Pwn2Own Vancouver 2024, contestants demoed 19 zero-day vulnerabilities in Windows 11, Tesla, Ubuntu Linux and other devices and software to win $732,500 and a Tesla Model 3 car.

  • Windows Server
     
    MICROSOFT

New Windows Server updates cause domain controller crashes, reboots

  • The March 2024 Windows Server updates are causing some domain controllers to crash and restart, according to widespread reports from Windows administrators.

  • SPA GP
     
    SECURITY

Spa Grand Prix email account hacked to phish banking info from fans

  • Hackers hijacked the official contact email for the Belgian Grand Prix event and used it to lure fans to a fake website promising a €50 gift voucher.

  • Loop DoS
     
    SECURITY

New ‘Loop DoS’ attack may impact up to 300,000 online systems

  • A new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols can pair network services into an indefinite communication loop that creates large volumes of traffic.

  • GitHub
     
    SECURITY, SOFTWARE

GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code

  • GitHub introduced a new AI-powered feature capable of speeding up vulnerability fixes while coding. This feature is in public beta and automatically enabled on all private repositories for GitHub Advanced Security (GHAS) customers

  • Cybersecurity Lock World
     
    DEALS

Study ethical hacking for life with this $46 course bundle

  • The All-in-One Super-Sized Ethical Hacking Bundle is on sale for just $45.99 (reg. $1,098) for a limited time only. 

    • BLEEPINGCOMPUTER DEALS
      •  
    • MARCH 20, 2024
      •  
    • 02:11 PM
      •  
    • Comment Count 0
  • Ivanti
     
    SECURITY

Ivanti fixes critical Standalone Sentry bug reported by NATO

  • Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.

  • Greggs
     
    TECHNOLOGY, BUSINESS

UK bakery Greggs is latest victim of recent POS system outages

  • UK bakery chain Greggs is the latest victim of recent point of sale system outages that forced store closures at large retail chains over the past few weeks.

VIEW MORE

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more