Security News

An almost 6-year-old vulnerability in the Lighttpd web server used in Baseboard Management Controllers has been overlooked by many device vendors, including Intel and Lenovo. Although the vulnerability was addressed in August 2018, the maintainers of Lighthttpd patched it silently in version 1.4.51 without assigning a tracking ID. This led the developers of AMI MegaRAC BMC to miss the fix and fail to integrate it into the product.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Researchers have demonstrated the "First native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors. Spectre V2 is a new variant of the original Spectre attack discovered by a team of researchers at the VUSec group from VU Amsterdam.

Intel and the global investment firm DigitalBridge Group have formed an independent generative AI software stack company, Articul8 AI, Inc.; Intel announced the new company on Jan. 3. Articul8 will work with Intel and provide solutions for organizations that wish to build and deploy generative AI. Articul8's product and capabilities.

Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and...

As Cyber Solidarity Act edges closer to full adoption in Europe The US Cybersecurity and Infrastructure Security Agency (CISA) has signed a working arrangement with its EU counterparts to increase...

Australia is building a top-secret cloud to host intelligence data and share it with the US and UK, which have their own clouds built for the same purpose. The three clouds were discussed on Monday by Andrew Shearer, Australia's director-general of national intelligence, at an event hosted by the Center for Strategic & International Studies in Washington, DC. "We are working very hard on a top-secret cloud initiative," Shearer told the event, adding that it will interoperate with similar infrastructure already operated by the US and UK, and mean sensitive data can be shared "Near instantaneously."

Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from the kernel memory. Short for Spectre based on LAM, the SLAM attack was discovered by researchers at Systems and Network Security Group at Vrije Universiteit Amsterdam, who demonstrated its validity by emulating the upcoming LAM feature from Intel on a last-generation Ubuntu system.

Intel has published a fix for a potential vulnerability that affected some Intel processors. On Nov. 14, Intel addressed the potential flaw in a variety of processors.

Citrix has released hotfixes for two vulnerabilities impacting Citrix Hypervisor, one of them being the "Reptar" high-severity flaw that affects Intel CPUs for desktop and server systems. "Although this is not an issue in the Citrix Hypervisor product itself, we have included updated Intel microcode to mitigate this CPU hardware issue," reads the advisory.