A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys
Microprocessors from Intel, AMD, and other companies contain a newly discovered weakness that remote attackers can exploit to obtain cryptographic keys and other secret data traveling through the hardware, researchers said on Tuesday. Hardware manufacturers have long known that hackers can extract secret cryptographic data from a chip by measuring the power it consumes while processing those values. READ MORE...
Ransomware gang creates site for employees to search for their stolen data
The ALPHV ransomware gang, aka BlackCat, has brought extortion to a new level by creating a dedicated website that allows the customers and employees of their victim to check if their data was stolen in an attack. When ransomware gangs conduct attacks, they quietly steal corporate data. After harvesting everything of value, the threat actor starts to encrypt devices. READ MORE...
Chinese Threat Actor Employs Fake Removable Devices as Lures in Cyber-Espionage Campaign
One of the primary hallmarks of an advanced persistent threat (APT) group is its ability to operate undetected for years while carrying out its specific mission. The newest example is "Aoqin Dragon," a China-based APT actor that researchers at SentinelOne recently discovered has been spying on organizations across multiple countries for the past 10 years. The group's primary mission appears to be cyber espionage, and its targets have included organizations in Australia, Cambodia, Hong Kong, and others. READ MORE...
Microsoft Patch Tuesday, June 2022 Edition
Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that's seen active exploitation for at least two months now. On a lighter note, Microsoft is officially retiring its Internet Explorer (IE) web browser, which turns 27 years old this year. READ MORE...
ICS Patch Tuesday: Siemens, Schneider Electric Address Over 80 Vulnerabilities
Siemens and Schneider Electric have released their Patch Tuesday advisories for June 2022. The industrial giants have addressed a total of more than 80 vulnerabilities affecting their products. Siemens has released 14 advisories covering 59 vulnerabilities. Thirty of these flaws, including many rated "critical" and "high severity," impact SINEMA Remote Connect Server. Schneider Electric has released eight advisories to address 24 vulnerabilities identified in its products. READ MORE...
Adobe Plugs 46 Security Flaws on Patch Tuesday
Adobe's security response team has pushed out a massive batch of patches to cover at least 46 vulnerabilities in a wide range of enterprise-facing software products. As part of its scheduled Patch Tuesday release for June, Adobe warned of "critical" code execution flaws that expose both Windows and macOS users to malicious hacker attacks. The most serious of the documented flaws affect Adobe Animate, Adobe Bridge, Adobe Illustrator, Adobe InCopy and Adobe InDesign. READ MORE...
Attackers Can Exploit Critical Citrix ADM Vulnerability to Reset Admin Passwords
Citrix on Tuesday warned of a critical vulnerability in Citrix Application Delivery Management (ADM) that could essentially allow an unauthenticated attacker to log in as administrator. A centralized management solution, Citrix ADM provides visibility into application delivery infrastructure and simplifies operations through automated management jobs. It is deployed as a server that communicates with agents installed on externally managed appliances. READ MORE...
- ...in 1836, Arkansas is admitted as the 25th U.S. state.
- ...in 1922, President Warren G. Harding becomes the first president to speak on the radio.
- ...in 1934, the Great Smoky Mountains National Park is founded along the border of Tennessee and North Carolina.
- ...in 1941, singer-songwriter Harry Nilsson ("Everybody's Talkin'", "Coconut") is born in Brooklyn, NY.
