News in the Hardware category

Zenbleed attack leaks sensitive data from AMD Zen2 processors

Google's security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to steal sensitive data, such as passwords and encryption keys, at a rate of 30KB/sec from each CPU core.
- Bill Toulas
- July 24, 2023
- 05:28 PM
- 1
Flipper Zero now has an app store to install third-party apps

The Flipper Zero team has launched its very own 'Flipper Apps' mobile app store, allowing mobile users to install 3rd-party apps and extend the functionality of the popular wireless pen-testing tool.
- Bill Toulas
- July 24, 2023
- 01:22 PM
- 3
AMD releases Adrenalin 23.7.1 WHQL driver for Windows

After a long break, AMD has launched a new graphics driver, Adrenalin 23.7.1 WHQL (driver version 23.10.01.45).
- Mayank Parmar
- July 09, 2023
- 09:25 AM
- 0
TSMC denies LockBit hack as ransomware gang demands $70 million

Chipmaking giant TSMC (Taiwan Semiconductor Manufacturing Company) denied being hacked after the LockBit ransomware gang demanded $70 million not to release stolen data.
- Bill Toulas
- June 30, 2023
- 09:45 AM
- 1
Zyxel warns of critical command injection flaw in NAS devices

Zyxel is warning its NAS (Network Attached Storage) devices users to update their firmware to fix a critical severity command injection vulnerability.
- Bill Toulas
- June 20, 2023
- 10:26 AM
- 0
Western Digital boots outdated NAS devices off of My Cloud

Western Digital is warning owners of My Cloud series devices that can no longer connect to cloud services starting on June 15, 2023, if the devices are not upgraded to the latest firmware, version 5.26.202.
- Bill Toulas
- June 16, 2023
- 12:03 PM
- 0
CEO guilty of selling counterfeit Cisco devices to military, govt orgs

A Florida man has pleaded guilty to importing and selling counterfeit Cisco networking equipment to various organizations, including education, government agencies, healthcare, and the military.
- Bill Toulas
- June 07, 2023
- 10:19 AM
- 3
ASUS routers knocked offline worldwide by bad security update

ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity.
- Bill Toulas
- May 19, 2023
- 12:11 PM
- 5
Kingston's SSD firmware has Coldplay lyrics hidden within it

What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it.
- Ax Sharma
- May 10, 2023
- 10:13 AM
- 2
Intel investigating leak of Intel Boot Guard private keys after MSI breach

Intel is investigating the leak of alleged private keys used by the Intel BootGuard security feature, potentially impacting its ability to block the installation of malicious UEFI firmware on MSI devices.
- Lawrence Abrams
- May 08, 2023
- 01:31 PM
- 5
Cisco phone adapters vulnerable to RCE attacks, no fix available

Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote attacker to execute arbitrary code on the devices.
- Bill Toulas
- May 04, 2023
- 01:28 PM
- 0
New SLP bug can lead to massive 2,200x DDoS amplification attacks

A new reflective Denial-of-Service (DoS) amplification vulnerability in the Service Location Protocol (SLP) allows threat actors to launch massive denial-of-service attacks with 2,200X amplification.
- Bill Toulas
- April 25, 2023
- 11:26 AM
- 0
Intel CPUs vulnerable to new transient execution side-channel attack

A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register.
- Bill Toulas
- April 24, 2023
- 03:38 PM
- 0
Brazil seizing Flipper Zero shipments to prevent use in crime

The Brazilian National Telecommunications Agency is seizing incoming Flipper Zero purchases due to its alleged use in criminal activity, with purchasers stating that the government agency has rejected all attempts to certify the equipment.
- Bill Toulas
- March 11, 2023
- 10:23 AM
- 6
MSI breaks Secure Boot for hundreds of motherboards

Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating system image to run regardless of whether it has a wrong or missing signature.
- Bill Toulas
- January 16, 2023
- 05:02 PM
- 8
Corsair keyboard bug makes it type on its own, no malware involved

Corsair has confirmed that a bug in the firmware of K100 keyboards, and not malware, is behind previously entered text being auto-typed into applications days later.
- Bill Toulas
- December 21, 2022
- 04:47 PM
- 6
Internet connectivity worldwide impacted by severed fiber cables in France

A major Internet cable in the South of France was severed yesterday at 20:30 UTC, impacting subsea cable connectivity to Europe, Asia, and the United States and causing data packet losses and increased website response latency.
- Bill Toulas
- October 20, 2022
- 09:25 AM
- 1
Intel confirms leaked Alder Lake BIOS Source Code is authentic

Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has been released by a third party.
- Lawrence Abrams
- October 09, 2022
- 08:53 PM
- 1
Ethernet VLAN Stacking flaws let hackers launch DoS, MiTM attacks

Four vulnerabilities in the widely adopted 'Stacked VLAN' Ethernet feature allows attackers to perform denial-of-service (DoS) or man-in-the-middle (MitM) attacks against network targets using custom-crafted packets.
- Bill Toulas
- September 28, 2022
- 11:05 AM
- 0
HP will pay customers for blocking non-HP ink cartridges in EU

HP printer owners forced to use HP ink and toner cartridges in Europe will receive compensation from the vendor for not adequately informing them about the limitations of the devices they bought.
- Bill Toulas
- September 12, 2022
- 01:24 PM
- 1