Security News

Now-former HP finance manager Shelbee Szeto has been sentenced to three years in prison and ordered to forfeit more than 250 luxury items after she blew $5m on herself using company credit cards. Szeto, 30, of Fremont, California pleaded guilty to wire fraud, money laundering, and related tax charges in March.

Millions of employees are now working from home or in a hybrid setting. Hackers aren't confined to office walls.

"Potential security vulnerabilities have been identified in the BIOS for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities," reads the short advisory. "This vulnerability could allow an attacker executing with kernel-level privileges to escalate privileges to System Management Mode. Executing in SMM gives an attacker full privileges over the host to further carry out attacks." explains a report by Starke.

HP is warning of new critical security vulnerabilities in the Teradici PCoIP client and agent for Windows, Linux, and macOS that impact 15 million endpoints. Teradici PCoIP is a proprietary remote desktop protocol licensed to many virtualization product vendors, acquired by HP in 2021, and used on its own products since then.

UADAI arranges for collection of the biometrics needed to create an Aadhaar - ten fingerprints, two iris scans, and a facial photograph - through enrollment agencies and registrars and provides authentication-as-a-service using Aadhaar numbers. More than a billion Aadhaar IDs have been issued and over 99 per cent of India adults have enrolled in the scheme.

A now-former HP finance planning manager pleaded guilty on Wednesday to charges of wire fraud, money laundering, and filing false tax returns that follow from the misappropriation of company funds. According to the US Justice Department, Shelbee Szeto, 30, of Fremont, California, worked at HP Inc from August 2017 through June 2021, first as an executive assistant and then as a finance planning manager.

HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models.The first security bulletin warns about about a buffer overflow flaw that could lead to remote code execution on the affected machine.

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface firmware impacting multiple HP enterprise devices. The shortcomings, which have CVSS scores ranging from 7.5 to 8.8, have been uncovered in HP's UEFI firmware.

HP has disclosed 16 high-impact UEFI firmware vulnerabilities that could allow threat actors to infect devices with malware that gain high privileges and remain undetectable by installed security software. SSM. CVE-2021-23924: heap buffer overflow leading to arbitrary code execution.

A previously unknown rootkit has been found setting its sights on Hewlett-Packard Enterprise's Integrated Lights-Out server management technology to carry out in-the-wild attacks that tamper with the firmware modules and completely wipe data off the infected systems. The discovery, which is the first instance of real-world malware in iLO firmware, was documented by Iranian cybersecurity firm Amnpardaz this week.