Dell fixes exploitable holes in its own firmware update driver – patch now!
2021-05-05 18:18

If you are nervous about removing system files by hand, the company has published a download page with an automatic driver remover with the remarkable name of Dell-Security-Advisory-Update-DSA-2021-088 7PR57 WIN 1.0.0 A00.EXE. Unfortunately, just removing the old driver is not enough on its own, because the old firmware update utility left behind on your computer may inadvertently reinstall the buggy driver, thus reintroducing the bug. If you can't yet do step 2, remember to repeat step 1 every time that you run the old firmware updater, in case the update process itself quietly reinstalls the old driver.

Raft of Exim Security Holes Allow Linux Mail Server Takeovers
2021-05-05 18:15

A veritable cornucopia of security vulnerabilities in the Exim mail server have been uncovered, some of which could be chained together for unauthenticated remote code execution, gaining root privileges and worm-style lateral movement, according to researchers. "Exim Mail Servers are used so widely and handle such a large volume of the internet's traffic that they are often a key target for hackers," Jogi said, noting that last year, a vulnerability in Exim was a target of the Russian advanced persistent threat known as Sandworm.

How one phony vaccine website tried to capture your personal information
2021-05-05 18:04

One site, since taken down by the state of Maryland, was impersonating a vaccine maker with the intent of collecting personal information from unsuspecting users. Allegedly the site of a real biotechnology firm developing a COVID-19 vaccine, it was actually set up to collect personal data from visitors and use that information for fraud, phishing attacks and malware.

21 nails in Exim mail server: Vulnerabilities enable 'full remote unauthenticated code execution', millions of boxes at risk
2021-05-05 17:20

Researchers at security biz Qualys discovered 21 vulnerabilities in Exim, a popular mail server, which can be chained to obtain "a full remote unauthenticated code execution and gain root privileges on the Exim Server." Exim is a mail transfer agent, responsible for receiving and forwarding email messages.

Peloton’s Leaky API Spilled Riders’ Private Data
2021-05-05 16:03

Pen Test Partners security researcher Jan Masters had discovered that a bug allowed anyone to scrape users' private account data right off Peloton's servers, regardless of their profiles being set to private. As Masters said in a post about the glitch, the leaky API was allowing any user, along with any random internet passersby, to make an unauthenticated request for account data to the API without the API making sure that they had any right to the data.

VMware fixes critical RCE bug in vRealize Business for Cloud
2021-05-05 16:00

VMware has released security updates to address a critical severity vulnerability in vRealize Business for Cloud that enables unauthenticated attackers to remotely execute malicious code on vulnerable servers. vRealize Business for Cloud is an automated cloud business management solution designed to provide IT teams with cloud planning, budgeting, and cost analysis tools.

New Spectre-Like Attacks
2021-05-05 15:35

There's new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically engineered to be resistant to the Spectre/Meltdown attacks of three years ago. The new line of attacks exploits the micro-op cache: an on-chip structure that speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process, as the team explains in a writeup from the University of Virginia.

Poor collaboration between NOC and SOC hampers digital transformation efforts
2021-05-05 15:31

According to a new study, Digital Transformation Needs a More Perfect Union, released Wednesday by secure access service edge provider Netskope, networking and security teams do not work well together, if at all. "The evident divide between networking and security teams has been an issue for some time, but has been even more amplified with the rapid acceleration to remote work," Mike Anderson, chief information and digital officer at Netskope, said in a statement.

Windows Defender bug fills Windows 10 boot drive with thousands of files
2021-05-05 15:29

A Windows Defender bug creates thousands of small files that waste gigabytes of storage space on Windows 10 hard drives. The bug started with Windows Defender antivirus engine 1.1.18100.

IBM Security announces new ways for customers to adopt a zero trust approach
2021-05-05 14:50

In addition to new blueprints, IBM Security also announced a partnership with the cloud and network security provider Zscaler. On Wednesday, IBM Security announced new ways the company will help customers adopt a zero trust approach to security.