Security News

Intel Alder Lake BIOS code leak may contain vital secrets
2022-10-10 16:45

Source code for the BIOS used with Intel's 12th-gen Core processors has been leaked online, possibly including details of undocumented model-specific registers and even the private signing key for Intel's Boot Guard security technology. </p. Other folks have claimed to the file contains tools for provisioning or tweaking BIOS images, as well as Intel's reference implementation of the Alder Lake UEFI and an OEM implementation, said to be that of Lenovo.

Intel Confirms Leak of Alder Lake BIOS Source Code
2022-10-10 09:25

Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week. The published content contains Unified Extensible Firmware Interface code for Alder Lake, the company's 12th generation processors that was originally launched in November 2021.

No Shangri-La for you: Top hotel chain confirms data leak
2022-10-05 02:15

Hotel chain Shangri-La Group has admitted to its systems being attacked, and personal data describing guests accessed by unknown parties, over a timeframe that includes the dates on which a high-level international defence conference was staged at one of its Singapore properties. "Shangri-La Group recently discovered unauthorized activities on our IT network," states a notice from the chain that goes on to reveal that "Between May and July 2022, a sophisticated threat actor managed to bypass Shangri-La's IT security monitoring systems undetected, and illegally accessed. guest databases".

TD Bank discloses data breach after employee leaks customer info
2022-10-03 22:42

TD Bank has disclosed a data breach affecting an undisclosed number of customers whose personal information was stolen by a former employee and used to conduct financial fraud.TD Bank is one of the largest banks in the United States by deposits, operating 1,220 branches and employing over 26,000 people.

Ransomware gang leaks data stolen from LAUSD school system
2022-10-02 21:51

The Vice Society Ransomware gang published data and documents Sunday morning that were stolen from the Los Angeles Unified School District during a cyberattack earlier this month. LAUSD superintendent Alberto M. Carvalho confirmed the release of stolen data in a statement posted to Twitter, along with announcing a new hotline launching tomorrow morning at 855-926-1129 for concerned parents and students to ask questions about the data leak.

Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks
2022-09-29 09:56

Several hacktivist groups are using Telegram and other tools to aid anti-government protests in Iran to bypass regime censorship restrictions amid ongoing unrest in the country following the death of Mahsa Amini in custody. The company said it has also witnessed sharing of proxies and open VPN servers to get around censorship and reports on the internet status in the country, with one group helping the anti-government demonstrators access social media sites.

The Week in Ransomware - September 23rd 2022 - LockBit leak
2022-09-23 21:25

This week we saw some embarrassment for the LockBit ransomware operation when their programmer leaked a ransomware builder for the LockBit 3.0 encryptor. Ransomware operations were launched in the past from the leaks of the Babuk ransomware builder and Conti source code.

Can reflections in eyeglasses actually leak info from Zoom calls? Here's a study into it
2022-09-17 07:32

Boffins at the University of Michigan in the US and Zhejiang University in China want to highlight how bespectacled video conferencing participants are inadvertently revealing sensitive on-screen information via reflections in their eyeglasses. In a paper distributed via ArXiv, titled, "Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing," researchers Yan Long, Chen Yan, Shilin Xiao, Shivan Prasad, Wenyuan Xu, and Kevin Fu describe how they analyzed optical emanations from video screens that have been reflected in the lenses of glasses.

Ransomware gang threatens 1m-plus medical record leak
2022-09-14 00:57

Two recent ransomware attacks against healthcare systems indicate cybercriminals continue to put medical clinics and hospitals firmly in their crosshairs. In a notification to watchdogs last Friday, Pennsylvania's largest primary care group said a "Sophisticated" ransomware crew breached its network security, giving it access to 75,628 individuals' names, addresses and Social Security numbers along with their medical records.

Over 80% of the top websites leak user searches to advertisers
2022-09-08 14:27

Security researchers have found that roughly eight out of ten websites featuring a search bar will leak their visitor's search terms to online advertisers like Google. While some websites may declare this practice in their user policy, visitors typically don't read these and assume that the information they enter on embedded search fields is isolated from big data brokers.