Security News

Researchers uncovered a vulnerability in Intel Processors that could affect laptops, cars and embedded systems. The flaw enables testing or debugging modes on multiple Intel processor lines, which could allow an unauthorized user with physical access to obtain enhanced privileges on the system.

Over the past few years, mobile devices have become increasingly chatty over the Bluetooth Low Energy protocol and this turns out to be a somewhat significant privacy risk. More recently, the US-based researchers explain, software for tracking COVID-19 has used mobile devices as BLE beacons, broadcasting signals in the service of public health.

Intel on Tuesday released six new security advisories to inform customers about the availability of firmware and software updates that address a total of 15 vulnerabilities across several products. Two of the advisories have been assigned a high severity rating.

NortonLifeLock announced that the Norton Security Universal Windows Platform app will be pre-installed on select new Lenovo laptop PCs. Expanding its collaboration of more than two decades, NortonLifeLock will help protect Lenovo's always-on, always-connected laptops, including the Yoga 5G, IdeaPad 5G and IdeaPad 4G LTE, bringing a trusted level of security to consumers. Last year, Lenovo paved the way for 5G-connected laptops with the introduction of the innovative Yoga 5G. Now, with the release of the mainstream IdeaPad 5G and IdeaPad 4G LTE models earlier this year, Lenovo expands consumers' options and access to the freedom of all-day, anywhere connectivity.

Lenovo this week published information on three vulnerabilities that impact the BIOS of two of its desktop products and approximately 60 laptop and notebook models. Tracked as CVE-2021-3452 and affecting tens of ThinkPad models, the first of the bugs impacts the system shutdown SMI callback function and could be abused by a local attacker that already has elevated privileges on the device to execute arbitrary code.

Microsoft is bringing advanced hardware security to more Surface devices with cloud firmware management to help enterprises deploy new PCs quickly. Microsoft's Surface Laptop 4 is the second Surface device that uses Secured-core to protect the firmware.

Maybe it's sending personal texts or emails from your work phone, editing personal documents or photos on your work laptop, or joining a virtual happy hour with friends from your work tablet. At least the potentially more hazardous activities, such as storing personal data on your work machine or storying sensitive company data on your personal devices.

Their most recent socially engineered messages try to convince users to download their fake version of TikTok by saying the app, which is banned in India, is now available, the report found. Threat actors blast out an SMS or WhatsApp message to numbers on the Jio network with the phishing lure message and a link to take advantage of the fraudulent offer, the report showed.

Acer sent out the same statement to multiple news outlets, refusing to confirm or deny the attack and only saying companies like it "Are constantly under attack, and we have reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries." Bleeping Computer also reported that there are some indications showing the people behind REvil used a Microsoft Exchange server on Acer's domain, potentially making it one of the first times a ransomware group leveraged a heavily publicized vulnerability to complete an attack.

By distributing malware-ridden laptops to the most vulnerable and needy schoolkids, the Department for Education is guilty of an astonishing breach of responsibility. It turns out that "We want to run our software on your kids phones and teach them cybersecurity through surprising stuff" is a fun thing to say to educators, governments, and funding bodies.