Intel Fixes Critical, High-Severity Flaws Across Several Products
Intel has issued fixes for a slew of vulnerabilities, separate from the side-channel bugs disclosed last week.
Author Archives: Lindsey O'Donnell
HCL Exposes Customer, Personnel Info in Wide-Ranging Data Leak
HCL domain pages exposed sensitive data - including passwords and project analysis reports - for thousands of employees and customers.
Windows 10 Update Bricks PCs, Microsoft Offers Workarounds
A glitch in Microsoft's Windows 10 update is causing systems to freeze after users tried to use the System Reboot function. Luckily, workarounds exist.
Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws
A lot of thought and meaning goes into the naming of infamous CPU side channel flaws, like ZombieLoad, Spectre and Meltdown.
ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed
Daniel Gruss, the researcher behind Spectre, Meltdown - and most recently, ZombieLoad - Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.
WordPress WP Live Chat Support Plugin Fixes XSS Flaw
A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites.
News Wrap: WhatsApp, Microsoft, Intel and Cisco Flaws
From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week.
Forbes Becomes Latest Victim of Magecart Payment Card Skimmer
The web skimming script was recently found stealing payment data on the websites of Forbes Magazine as well as seven others.
Cybercrime Gang Behind GozNym Banking Malware Dismantled
Europol said it has dismantled the cybercrime network behind the GozNym malware, which siphoned more than $100 million from businesses.
Google Titan Security Key Recalled After Bluetooth Pairing Bug
Google is offering free replacements for its Titan Security Key after discovering a misconfiguration in its pairing protocols.
Intel ZombieLoad Side-Channel Attack: 10 Takeaways
Here are 10 top takeaways from Intel's most recent class of Spectre-like speculative execution vulnerabilities, disclosed this week.
Intel CPUs Impacted By New Class of Spectre-Like Attacks
Intel has disclosed a new class of speculative execution side channel attacks.
Adobe Addresses Critical Adobe Flash Player, Acrobat Reader Flaws
Adobe has issued patches for 87 vulnerabilities on Patch Tuesday - the bulk of which exist in Adobe's Acrobat and Reader product.
WhatsApp Zero-Day Exploited in Targeted Spyware Attacks
WhatsApp has patched a vulnerability that allowed attackers to install spyware on victims' phones.