Security News

Specifically, they're updating the Windows kernel in-memory with the Gigabyte driver, according to the research - and the kernel accepts it as a "Patch" thanks to the signed certificate. Once that's loaded, they can then exploit that driver using the known vulnerability in order to load their own, unsigned, malicious driver.

Vulnerabilities in Dell and HP laptops could allow an attacker to access information and gain kernel privileges via the devices' Direct Memory Access capability. "This can allow an attacker to execute kernel code on the system, insert a wide variety of kernel implants and perform a host of additional activity such as spawning system shells or removing password requirements."

Android could be returning to its roots.

A serious Wi-Fi flaw shows how Linux handles security in plain sight.

Alarm raised over more holes in third-party low-level code Nearly three months after infosec biz Eclypsium highlighted widespread security weaknesses in third-party Windows hardware drivers, you...

Speculative execution bugs will be with us for a very long time Linux kernel dev Greg Kroah-Hartman reckons Intel Simultaneous Multithreading (SMT) - also known as hyper-threading - should be...

A recently discovered cryptocurrency mining malware targeting Linux machines is employing kernel-mode rootkits in an attempt to make detection more difficult, Trend Micro reveals. read more

Four vulnerabilities could "SACK" connected devices with denial-of-service exploits.

A security researcher working for Netflix has discovered that the Linux kernel is affected by potentially serious vulnerabilities that can be exploited by a remote, unauthenticated attacker to...

A memory corruption vulnerability recently found in Linux Kernel’s implementation of RDS over TCP could lead to privilege escalation.  Tracked as CVE-2019-11815 and featuring a CVSS base score of...