News in the Hardware category

Hackers exploit critical D-Link DIR-859 router flaw to steal passwords

Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords.
- Bill Toulas
- June 29, 2024
- 11:18 AM
- 1
Phoenix UEFI vulnerability impacts hundreds of Intel PC models

A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw.
- Lawrence Abrams
- June 20, 2024
- 05:31 PM
- 0
New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems

A new speculative execution attack named "TIKTAG" targets ARM's Memory Tagging Extension (MTE) to leak data with over a 95% chance of success, allowing hackers to bypass the security feature.
- Bill Toulas
- June 16, 2024
- 10:16 AM
- 1
ASUS warns of critical remote authentication bypass on 7 routers

ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices.
- Bill Toulas
- June 15, 2024
- 11:17 AM
- 4
Netgear WNR614 flaws allow device takeover, no fix available

Researchers found half a dozen vulnerabilities of varying severity impacting Netgear WNR614 N300, a budget-friendly router that proved popular among home users and small businesses.
- Bill Toulas
- June 10, 2024
- 05:38 PM
- 0
Malware botnet bricked 600,000 routers in mysterious 2023 attack

A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that took 600,000 office/home office (SOHO) internet routers offline, according to a new report by researchers at Lumen's Black Lotus Labs.
- Bill Toulas
- May 30, 2024
- 02:56 PM
- 1
TP-Link fixes critical RCE bug in popular C5400X gaming router

The TP-Link Archer C5400X gaming router is vulnerable to security flaws that could enable an unauthenticated, remote attacker to execute commands on the device.
- Bill Toulas
- May 27, 2024
- 03:11 PM
- 2
Microsoft tests using MT/s for memory speed in Windows 11 Task Manager

Microsoft is testing showing memory speeds as MT/s (mega-transfers per second) rather than MHz (megahertz) in the Windows 11 Task Manager.
- Lawrence Abrams
- May 06, 2024
- 01:09 PM
- 8
New Spectre v2 attack impacts Linux systems on Intel CPUs

Researchers have demonstrated the "first native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors.
- Bill Toulas
- April 10, 2024
- 01:19 PM
- 2
$700 cybercrime software turns Raspberry Pi into an evasive fraud tool

Cybercriminals are selling custom Raspberry Pi software called 'GEOBOX' on Telegram, which allows inexperienced hackers to convert the mini-computers into anonymous cyberattack tools.
- Bill Toulas
- March 26, 2024
- 04:40 PM
- 2
New ZenHammer memory attack impacts AMD Zen CPUs

Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips.
- Bill Toulas
- March 25, 2024
- 12:00 PM
- 0
Unsaflok flaw can let hackers unlock millions of hotel doors

Security vulnerabilities in over 3 million Saflok electronic RFID locks deployed in 13,000 hotels and homes worldwide allowed researchers to easily unlock any door in a hotel by forging a pair of keycards.
- Bill Toulas
- March 21, 2024
- 02:14 PM
- 0
Flipper Zero makers respond to Canada’s ‘harmful’ ban proposal

The makers of Flipper Zero have responded to the Canadian government's plan to ban the device in the country, arguing that it is wrongfully accused of facilitating car thefts.
- Bill Toulas
- March 20, 2024
- 09:48 AM
- 7
AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks

A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space.
- Bill Toulas
- January 17, 2024
- 10:32 AM
- 1
Vans and North Face owner VF Corp hit by ransomware attack

American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, has disclosed a security incident that caused operational disruptions.
- Bill Toulas
- December 18, 2023
- 01:56 PM
- 0
"Sierra:21" vulnerabilities impact critical infrastructure routers

A set of 21 newly discovered vulnerabilities impact Sierra OT/IoT routers and threaten critical infrastructure with remote code execution, unauthorized access, cross-site scripting, authentication bypass, and denial of service attacks.
- Bill Toulas
- December 06, 2023
- 01:01 AM
- 1
D-Link WiFi range extender vulnerable to command injection attacks

The popular D-Link DAP-X1860 WiFi 6 range extender is susceptible to a vulnerability allowing DoS (denial of service) attacks and remote command injection.
- Bill Toulas
- October 09, 2023
- 05:53 PM
- 1
Modern GPUs vulnerable to new GPU.zip side-channel attack

Researchers from four American universities have developed a new GPU side-channel attack that leverages data compression to leak sensitive visual data from modern graphics cards when visiting web pages.
- Bill Toulas
- September 27, 2023
- 10:06 AM
- 3
MSI: Recent wave of Windows blue screens linked to MSI motherboards

MSI has officially confirmed the recent surge of blue screens of death (BSODs) encountered by Windows users after installing this week's optional preview updates is linked to some of its motherboard models.
- Sergiu Gatlan
- August 25, 2023
- 12:36 PM
- 0
Canon warns of Wi-Fi security risks when discarding inkjet printers

Canon is warning users of home, office, and large format inkjet printers that their Wi-Fi connection settings stored in the devices' memories are not wiped, as they should, during initialization, allowing others to gain access to the data.
- Bill Toulas
- July 31, 2023
- 12:51 PM
- 0