ATENTIONβΌ New - CVE-2018-12199
π Read
via "National Vulnerability Database".
Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12198
π Read
via "National Vulnerability Database".
Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12196
π Read
via "National Vulnerability Database".
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12192
π Read
via "National Vulnerability Database".
Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12191
π Read
via "National Vulnerability Database".
Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12190
π Read
via "National Vulnerability Database".
Insufficient input validation in Intel CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially execute arbitrary code via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12189
π Read
via "National Vulnerability Database".
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12189
π Read
via "National Vulnerability Database".
Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12188
π Read
via "National Vulnerability Database".
Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12187
π Read
via "National Vulnerability Database".
Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2018-12185
π Read
via "National Vulnerability Database".
Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.π Read
via "National Vulnerability Database".
π΄ Ransomware's New Normal π΄
π Read
via "Dark Reading: ".
GandCrab's evolution underscores a shift in ransomware attack methods.π Read
via "Dark Reading: ".
Dark Reading
Ransomware's New Normal
GandCrab's evolution underscores a shift in ransomware attack methods.
π΄ Criminals Use One Line of Code to Steal Card Data from E-Commerce Sites π΄
π Read
via "Dark Reading: ".
New JavaScript Sniffer is similar to malware used in the Magecart campaign last year that affected over 800 sites.π Read
via "Dark Reading: ".
Darkreading
Criminals Use One Line of Code to Steal Card Data from E-Commerce Sites
New JavaScript sniffer is similar to malware used in the Magecart campaign last year that affected over 800 sites.
β Will the next version of Android get location privacy right? β
π Read
via "Naked Security".
Google has confirmed that improved control over location tracking is one of several new privacy features in the next version of its mobile OS, Android Q.π Read
via "Naked Security".
Naked Security
Will the next version of Android get location privacy right?
Google has confirmed that improved control over location tracking is one of several new privacy features in the next version of its mobile OS, Android Q.
β How to make DuckDuckGo your default Chrome search engine β
π Read
via "Naked Security".
Good news for the privacy-conscious. Chrome 73, released Tuesday, now includes the DuckDuckGo search engine as an option.π Read
via "Naked Security".
Naked Security
How to make DuckDuckGo your default Chrome search engine
Good news for the privacy-conscious. Chrome 73, released Tuesday, now includes the DuckDuckGo search engine as an option.
β Facebook outage coincides with (or causes?) 3m new Telegram users β
π Read
via "Naked Security".
A worldwide, nearly day-long outage at Facebook led to Telegram having a busy, busy day.π Read
via "Naked Security".
Naked Security
Facebook outage coincides with (or causes?) 3m new Telegram users
A worldwide, nearly day-long outage at Facebook led to Telegram having a busy, busy day.
β Ep. 023 β Facebook promises and Google Chrome patches [PODCAST] β
π Read
via "Naked Security".
Here's the latest Naked Security podcast - listen now, and tell your friends and colleagues about us, too!π Read
via "Naked Security".
Naked Security
Ep. 023 β Facebook promises and Google Chrome patches [PODCAST]
Hereβs the latest Naked Security podcast β listen now, and tell your friends and colleagues about us, too!
π How to view passwords in Android Chrome π
π Read
via "Security on TechRepublic".
If you can't remember a password for a website you know Chrome saved, you can view it with these tips.π Read
via "Security on TechRepublic".
TechRepublic
How to view passwords in Android Chrome
When you can't remember a password for a website you know Chrome saved, never fear. You can view it with these tips.
π΄ On Norman Castles and the Internet π΄
π Read
via "Dark Reading: ".
When the Normans conquered England, they built castles to maintain security. But where are the castles of the Internet?π Read
via "Dark Reading: ".
Darkreading
On Norman Castles and the Internet
When the Normans conquered England, they built castles to maintain security. But where are the castles of the Internet?
β You left WHAT on that USB drive?! β
π Read
via "Naked Security".
Nudies, taxes, and memos - oh, my! Research shows that even if we think we've deleted content on the sticks, we're leaving all that and more.π Read
via "Naked Security".
Naked Security
You left WHAT on that USB drive?!
Nudies, taxes, and memos β oh, my! Research shows that even if we think weβve deleted content on the sticks, weβre leaving all that and more.
β Unpatched Fujitsu Wireless Keyboard Bug Allows Keystroke Injection β
π Read
via "Threatpost".
An unpatched high-severity vulnerability allows keystroke injections in Fujitsu wireless keyboards.π Read
via "Threatpost".
Threat Post
Unpatched Fujitsu Wireless Keyboard Bug Allows Keystroke Injection
An unpatched high-severity vulnerability allows keystroke injections in Fujitsu wireless keyboards.