The vulnerability has been around for nearly 20 years and gives sophisticated attackers a way to bury virtually undetectable bootkits on devices with EPYC and Ryzen microprocessors.
Author: Jai Vijayan, Contributing Writer
Solar Power Installations Worldwide Open to Cloud API Bugs
The weaknesses gave attackers an avenue to take over millions of photovoltaic devices connected to Solarman and Deye’s cloud-hosted management systems.
SaaS Apps Present an Abbreviated Kill Chain for Attackers
Black Hat presentation reveals adversaries don’t need to complete all seven stages of a traditional kill chain to achieve their objectives.
CrowdStrike Will Give Customers Control Over Falcon Sensor Updates
The security vendor has also implemented several changes to protect against the kind of snafu that crashed 8.5 million Windows computers worldwide last month.
Attackers Use Multiple Techniques to Bypass Reputation-Based Security
Protections like Windows Smart App Control are useful but susceptible to attacks that allow threat actors initial access to an environment without triggering any alerts.
Sophisticated Android Spyware Targets Users in Russia
Researchers say "LianSpy" malware has been in use in a covert data gathering operation that’s gone undetected for at least three years.
China’s APT41 Targets Taiwan Research Institute for Cyber Espionage
The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and related technologies.
Microsoft: Azure DDoS Attack Amplified by Cyber-Defense Error
The sustained cyberattack, likely made worse by a mitigation snafu, disrupted several Azure cloud services for nearly eight hours on July 30.
Smart Cars Share Driver Data, Prompting Calls for Federal Scrutiny
Two US senators accuse carmakers of deceptive language and shifty practices in sharing and resale of driver data.
Patch Now: ServiceNow Critical RCE Bugs Under Active Exploit
One threat actor claims to have already gathered email addresses and associated hashes from more than 110 remote IT management databases.