News in the Hardware category

AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks

A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space.
- Bill Toulas
- January 17, 2024
- 10:32 AM
- 1
Vans and North Face owner VF Corp hit by ransomware attack

American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, has disclosed a security incident that caused operational disruptions.
- Bill Toulas
- December 18, 2023
- 01:56 PM
- 0
"Sierra:21" vulnerabilities impact critical infrastructure routers

A set of 21 newly discovered vulnerabilities impact Sierra OT/IoT routers and threaten critical infrastructure with remote code execution, unauthorized access, cross-site scripting, authentication bypass, and denial of service attacks.
- Bill Toulas
- December 06, 2023
- 01:01 AM
- 1
D-Link WiFi range extender vulnerable to command injection attacks

The popular D-Link DAP-X1860 WiFi 6 range extender is susceptible to a vulnerability allowing DoS (denial of service) attacks and remote command injection.
- Bill Toulas
- October 09, 2023
- 05:53 PM
- 1
Modern GPUs vulnerable to new GPU.zip side-channel attack

Researchers from four American universities have developed a new GPU side-channel attack that leverages data compression to leak sensitive visual data from modern graphics cards when visiting web pages.
- Bill Toulas
- September 27, 2023
- 10:06 AM
- 3
MSI: Recent wave of Windows blue screens linked to MSI motherboards

MSI has officially confirmed the recent surge of blue screens of death (BSODs) encountered by Windows users after installing this week's optional preview updates is linked to some of its motherboard models.
- Sergiu Gatlan
- August 25, 2023
- 12:36 PM
- 0
Canon warns of Wi-Fi security risks when discarding inkjet printers

Canon is warning users of home, office, and large format inkjet printers that their Wi-Fi connection settings stored in the devices' memories are not wiped, as they should, during initialization, allowing others to gain access to the data.
- Bill Toulas
- July 31, 2023
- 12:51 PM
- 0
Zenbleed attack leaks sensitive data from AMD Zen2 processors

Google's security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to steal sensitive data, such as passwords and encryption keys, at a rate of 30KB/sec from each CPU core.
- Bill Toulas
- July 24, 2023
- 05:28 PM
- 1
Flipper Zero now has an app store to install third-party apps

The Flipper Zero team has launched its very own 'Flipper Apps' mobile app store, allowing mobile users to install 3rd-party apps and extend the functionality of the popular wireless pen-testing tool.
- Bill Toulas
- July 24, 2023
- 01:22 PM
- 3
AMD releases Adrenalin 23.7.1 WHQL driver for Windows

After a long break, AMD has launched a new graphics driver, Adrenalin 23.7.1 WHQL (driver version 23.10.01.45).
- Mayank Parmar
- July 09, 2023
- 09:25 AM
- 0
TSMC denies LockBit hack as ransomware gang demands $70 million

Chipmaking giant TSMC (Taiwan Semiconductor Manufacturing Company) denied being hacked after the LockBit ransomware gang demanded $70 million not to release stolen data.
- Bill Toulas
- June 30, 2023
- 09:45 AM
- 1
Zyxel warns of critical command injection flaw in NAS devices

Zyxel is warning its NAS (Network Attached Storage) devices users to update their firmware to fix a critical severity command injection vulnerability.
- Bill Toulas
- June 20, 2023
- 10:26 AM
- 0
Western Digital boots outdated NAS devices off of My Cloud

Western Digital is warning owners of My Cloud series devices that can no longer connect to cloud services starting on June 15, 2023, if the devices are not upgraded to the latest firmware, version 5.26.202.
- Bill Toulas
- June 16, 2023
- 12:03 PM
- 0
CEO guilty of selling counterfeit Cisco devices to military, govt orgs

A Florida man has pleaded guilty to importing and selling counterfeit Cisco networking equipment to various organizations, including education, government agencies, healthcare, and the military.
- Bill Toulas
- June 07, 2023
- 10:19 AM
- 3
ASUS routers knocked offline worldwide by bad security update

ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity.
- Bill Toulas
- May 19, 2023
- 12:11 PM
- 5
Kingston's SSD firmware has Coldplay lyrics hidden within it

What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it.
- Ax Sharma
- May 10, 2023
- 10:13 AM
- 2
Intel investigating leak of Intel Boot Guard private keys after MSI breach

Intel is investigating the leak of alleged private keys used by the Intel BootGuard security feature, potentially impacting its ability to block the installation of malicious UEFI firmware on MSI devices.
- Lawrence Abrams
- May 08, 2023
- 01:31 PM
- 5
Cisco phone adapters vulnerable to RCE attacks, no fix available

Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote attacker to execute arbitrary code on the devices.
- Bill Toulas
- May 04, 2023
- 01:28 PM
- 0
New SLP bug can lead to massive 2,200x DDoS amplification attacks

A new reflective Denial-of-Service (DoS) amplification vulnerability in the Service Location Protocol (SLP) allows threat actors to launch massive denial-of-service attacks with 2,200X amplification.
- Bill Toulas
- April 25, 2023
- 11:26 AM
- 0
Intel CPUs vulnerable to new transient execution side-channel attack

A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register.
- Bill Toulas
- April 24, 2023
- 03:38 PM
- 0