Andy's News Roundup

LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)


Vulnerabilities in System Management Mode (SMM) and more general UEFI applications/drivers (DXE) are receiving increased attention from security researchers. Over the last 12 months, the Binarly efiXplorer team disclosed 107 high-impact vulnerabilities related to SMM and DXE firmware components. However, newer platforms have significantly increased the runtime mitigations in the UEFI firmware execution environment (including SMM), and the new Intel platform firmware runtime mitigations reshaped the attack surface for SMM/DXE with new Intel Hardware Shield technologies applied below-the-OS. The complexity of the modern platform security features is growing every year. The general security promises of the platform consist of many...

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities


Dec 29, 2022Ravie LakshmananServer Security / Citrix Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months. The issues in question are CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), which were addressed by the virtualization services provider on November 8 and December 13, 2022, respectively. While CVE-2022-27510 relates to an authentication bypass that could be exploited to gain unauthorized access to Gateway user capabilities, CVE-2022-27518 concerns a remote code execution bug that could enable the takeover of affected systems. Citrix and...

LastPass Data Breach: It’s Time to Ditch This Password Manager


You've heard it again and again: You need to use a password manager to generate strong, unique passwords and keep track of them for you. And if you finally took the plunge with a free and mainstream option, particularly during the 2010s, it was probably LastPass. For the security service's 25.6 million users, though, the company made a worrying announcement last week: A security incident the firm previously reported on November 30 was actually a massive and concerning data breach that exposed encrypted password vaults—the crown jewels of any password manager—along with other user data. The details LastPass provided about...

The UK Data Protection Reforms from an EU perspective


Political turmoil in the UK has slowed down the Government plans to reform data protection: since the Data Protection and Digital Information Bill was tabled in Parliament this June, two Prime Ministers were quickly ousted and, six months after the Bill was published, a parliamentary debate around the Bill has yet to be scheduled. In the meanwhile, a delegation from the European Parliament visited London and left with some rather scathing opinions about the UK data protection reform, but UK Ministers have been denying that there is any issue with their proposals. At the Westminster eForum Conference, the deputy director...

Probing Weaponized Chat Applications Abused in Supply-Chain Attacks


Probing Weaponized Chat Applications Abused in Supply-Chain Attacks This report examines the infection chain and the pieces of malware used by malicious actors in supply-chain attacks that leveraged trojanized installers of chat-based customer engagement platforms. By: Jaromir Horejsi, Joseph C Chen December 14, 2022Read time:  ( words) ...

Previous page   Next page