Cyber Security – Kernel Sesias

1 Febbraio 2025Tecnologia

Backdoor uncovered in China-made patient monitors — Contec CMS8000 raises questions about healthcare device security

The US-based Cybersecurity & Infrastructure Security Agency recently released an investigation report involving three firmware versions used in a patient monitoring system […]

29 Gennaio 2025Tecnologia

Apple silicon is vulnerable to side-channel speculative execution attacks “FLOP” and “SLAP”

Earlier this week, a team of security researchers from the Georgia Institute of Technology and Ruhr University Bochum presented a pair of […]

27 Gennaio 2025Tecnologia

Microsoft OneDrive for Business allegedly keeps OCR’ed data in an unprotected format

It is not a secret that both Apple and Microsoft use optical character recognition (OCR) and image recognition for images stored on […]

19 Gennaio 2025Tecnologia

The first-ever ransomware dropped 35 years ago disguised as a floppy sharing ‘AIDS Information’

Thirty-five years ago, as December 1989 turned into January 1990, the then-largest ever cybercrime investigation was launched in response to the world’s […]

18 Gennaio 2025Tecnologia

Chinese hackers infiltrated US Treasury Secretary’s PC — attackers had access to over 400 PCs

As reported last week, Chinese hackers infiltrated the U.S. Department of Treasury and gained access to several users’ workstations. However, according to […]

10 Gennaio 2025Tecnologia

Chinese hackers target US Treasury computers used for sanctions — Committee on Foreign Investment specifically targeted

Chinese hackers have gained access to a system that belongs to the Committee on Foreign Investment in the U.S. (CFIUS), a government […]

5 Gennaio 2025Tecnologia

U.S. uncovers hacking campaign targeting Guam’s critical infrastructure — suspected Chinese Volt Typhoon hacks could disrupt the defense of Taiwan

The U.S. government has uncovered a Chinese hacking campaign targeting Guam’s critical infrastructure, according to Bloomberg. Guam is a key U.S. military […]

31 Dicembre 2024Tecnologia

Alleged 7-Zip arbitrary code execution exploit leaked to Twitter — the 7-Zip author claims this exploit not only isn’t real but was generated by AI

Yesterday, user @NSA_Employee39 allegedly posted a zero-day exploit for the popular open-source file decompression utility 7-Zip on Twitter, only to have 7-Zip […]

8 Dicembre 2024Tecnologia

Zero-day Windows NTLM hash vulnerability gets patched by third-party —credentials can be hijacked by merely viewing a malicious file in File Explorer

Back in June 2023, Microsoft officially announced it had deprecated support for its New Technology LAN Manager authentication protocol, which debuted in […]

7 Dicembre 2024Tecnologia

US govt says Cisco gear often targeted in China’s Salt Typhoon attacks on 8 telecommunications providers — issues Cisco-specific advice to patch networks to fend off attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) released guidelines for network engineers, defenders, and organizations with enterprise-grade networking equipment as part […]