Intel will soon bake anti-malware defenses directly into its CPUs

[ad_1] Enlarge / A mobile PC processor code-named Tiger Lake. It will be the first CPU to offer a security capability known as Control-Flow Enforcement Technology. Intel The history of hacking has largely been a back-and-forth game, with attackers devising a technique to breach a system, defenders constructing a countermeasure that prevents the technique, and…

UPnP flaw exposes millions of network devices to attacks over the Internet

[ad_1] Millions of routers, printers, and other devices can be remotely commandeered by a new attack that exploits a security flaw in the Universal Plug and Play network protocol, a researcher said. CallStranger, as the exploit has been named, is most useful for forcing large numbers of devices to participate in distributed denial of service—or…

Honda halts production at some plants after being hit by a cyberattack

[ad_1] Honda halted manufacturing at some of its plants around the world on Tuesday after being hit by a cyberattack that’s widely reported to be ransomware. “Honda has experienced a cyberattack that has affected production operations at some US plants,” the automaker told Ars. “However, there is no current evidence of loss of personally identifiable…

Exploit code for wormable flaw on unpatched Windows devices published online

[ad_1] A researcher has published exploit code for a Microsoft Windows vulnerability that, when left unpatched, has the potential to spread from computer to computer with no user interaction. So-called wormable security flaws are among the most severe, because the exploit of one vulnerable computer can start a chain reaction that rapidly spreads to hundreds…

Google fixes Android flaws that allow code execution with high system rights

[ad_1] Google has shipped security patches for dozens of vulnerabilities in its Android mobile operating system, two of which could allow hackers to remotely execute malicious code with extremely high system rights. In some cases, the malware could run with highly elevated privileges, a possibility that raises the severity of the bugs. That’s because the…

Attackers exploit 0-day code-execution flaw in the Sophos firewall

[ad_1] Users of a widely used firewall from Sophos have been under a zero-day attack that was designed to steal usernames, cryptographically protected passwords, and other sensitive data, officials with the security firm said on Sunday. The well-researched and developed attack exploited a SQL injection flaw in fully patched versions of the Sophos XG Firewall.…

That no-click iOS 0-day reported to be under exploit doesn’t exist, Apple says

[ad_1] Apple is disputing the accuracy of this week’s report that found attackers have been exploiting an unpatched iOS bug that allowed them to take full control of iPhones. San Francisco-based security firm ZecOps said on Wednesday that attackers had used the zero-day exploit against at least six targets over a span of at least…

A critical iPhone and iPad bug that lurked for 8 years is under active attack

[ad_1] ZecOps A critical bug that has lurked in iPhones and iPads for eight years is under active attack by sophisticated hackers who are using a zero-day exploit to hack the devices of high-profile targets, a security firm reported on Wednesday. The exploit is triggered by sending booby-trapped emails that, in some cases, require no…

Microsoft patches 4 Windows 0days under active exploit

[ad_1] Enlarge / A person seems to be on the dwelling display for the “new” Windows 7 platform when it was launched in October 2009. Microsoft has ended help, however the OS lives on. Microsoft has patched 4 actively exploited vulnerabilities that enable attackers to execute malicious code or elevate system privileges on units that…