Tag: Hardware
-
How a Single Faulty Windows Driver Can Crash Your System and Cause Blue Screen of Death
Windows devices rely on a complex ecosystem of drivers to manage hardware and software interactions. When one driver fails to complete a critical task, the entire operating system can halt in a fatal error known as the Blue Screen of Death (BSOD). Understanding how a single faulty driver triggers a system-wide crash helps users and…
-
The importance of reviewing AI data centers’ policies
Tags: ai, attack, backdoor, corporate, cybersecurity, data, government, Hardware, jobs, monitoring, risk, side-channel, supply-chain, threat, tool, vulnerabilityWhat cybersecurity leaders need to consider: Given these expanded threats, cybersecurity leaders and decision makers must closely scrutinize whether their AI data center operators are implementing corporate policies that require technical measures to secure AI data centers across all layers of security, including hardware, data, and geopolitical. Examples of such policies include: closely inspecting hardware…
-
GPUGate Malware Leverages Legitimate Platforms to Deliver Advanced Payloads
A sophisticated new malware campaign exploiting trusted platforms and hardware-dependent evasion techniques targets IT professionals across Western Europe. Cybersecurity researchers have uncovered a highly sophisticated malware distribution campaign that cleverly exploits Google Ads and GitHub’s infrastructure to deliver a novel payload dubbed >>GPUGate.
-
Linux Mint 22.2 polishes the desktop, but kernel updates are the real deal
Point release brings Cinnamon tweaks, shiny apps, and Ubuntu’s Hardware Enablement stack First seen on theregister.com Jump to article: www.theregister.com/2025/09/05/linux_mint_222/
-
Using Programmable Tokens for Secure Windows Login
Enhance Windows security using programmable tokens for multi-factor authentication. Learn how to set up and use hardware tokens for a more secure login process. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/using-programmable-tokens-for-secure-windows-login/
-
Cybersecurity Snapshot: Expert Advice for Securing Critical Infrastructure’s OT and Industrial Control Systems, IoT Devices and Network Infrastructure
Tags: access, advisory, apt, attack, authentication, breach, china, cisa, cisco, cloud, compliance, computer, computing, control, credentials, cryptography, cve, cyber, cybersecurity, data, defense, detection, espionage, exploit, firmware, framework, google, government, guide, hacker, Hardware, incident response, infrastructure, international, Internet, iot, login, mfa, military, mitigation, monitoring, network, nist, organized, password, phishing, ransomware, regulation, risk, russia, sans, service, software, technology, theft, threat, tool, update, vulnerability, zero-trustDestructive cyber attacks against critical infrastructure have unfortunately become increasingly frequent. Just last week, multinational government agencies blared the alarm about a global cyber espionage campaign targeting critical infrastructure networks. With this type of cyber threat in the spotlight, we’re rounding up recent cyber advice for securing critical infrastructure. In case you missed it, here…
-
Hackers Exploit Raw Disk Reads to Evade EDR and Steal Sensitive Files
Attackers can bypass Endpoint Detection and Response (EDR) tools and file locks by reading raw disk sectors directly, highlighting the urgent need for organizations to audit and secure the drivers installed on their Windows systems. In modern Windows environments, drivers provide low-level access to hardware and disk functions. A recent investigation by Workday’s Offensive Security…
-
Venezuela’s president thinks American spies can’t hack Huawei phones
Huawei phones, given their custom hardware and operating system, may actually be easier to hack than other brands. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/03/venezuelas-president-thinks-american-spies-cant-hack-huawei-phones/
-
Quantum Is Closer Than You Think”, So Why Are You Still Encrypting Like It’s 2015?
Tags: access, ai, business, cloud, communications, compliance, computer, computing, container, crypto, cryptography, data, defense, encryption, endpoint, exploit, government, guide, Hardware, infrastructure, network, nist, privacy, regulation, resilience, risk, risk-assessment, service, software, strategy, technology, threat, tool, update, vulnerabilityQuantum Is Closer Than You Think”, So Why Are You Still Encrypting Like It’s 2015? madhav Tue, 09/02/2025 – 05:43 Not long ago, the idea that quantum computers could one day break today’s strongest encryption felt like science fiction. Today, it’s no longer about if”, but when. While real-world demonstrations of quantum algorithms like Shor’s…
-
Passwordless Authentication Explained
Explore passwordless authentication methods, benefits, and implementation strategies. Learn about biometrics, hardware tokens, and how to enhance security and user experience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/passwordless-authentication-explained/
-
Wie programmiert man einen Computer, den es noch gar nicht gibt?
Schon heute gibt es erste Programmiersprachen für Quantencomputer, zum Beispiel Qiskit oder Q#. ‘Sie sind sehr nah an der Hardware ähnlich wie die frühen Computersprachen”, sagt Eichhorn. Das heißt: Wer damit arbeitet, muss genau verstehen, wie ein Quantencomputer im Inneren rechnet. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/wie-programmiert-man-einen-computer-den-es-noch-gar-nicht-gibt/a41844/
-
Breaking the Passkey Promise: SquareX Discloses Major Passkey Vulnerability at DEF CON 33
It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that allows users to log in with biometrics or a hardware key. According to FIDO, over 15 billion accounts have been passkey-enabled, with 69%…
-
TDL001 – Cybersecurity Explained: Privacy, Threats, and the Future – Chester Wisniewski
Tags: access, ai, attack, backdoor, breach, business, ciso, computer, country, crime, crimes, cyber, cybercrime, cybersecurity, data-breach, defense, detection, edr, email, finance, firewall, gartner, government, guide, hacker, hacking, Hardware, infosec, Internet, jobs, linkedin, mail, malicious, microsoft, military, monitoring, network, password, phishing, phone, privacy, programming, ransomware, risk, russia, scam, skills, software, sophos, spam, sql, strategy, switch, technology, threat, update, virus, vulnerability, wifi, windowsSummary “The Defenders Log” Episode 1 features host David Redekop and guest Chet Wisniewski discussing the dynamic world of cybersecurity. Wisniewski, with decades of experience, traces his journey from early BBS and phone network exploration to becoming a cybersecurity expert. They delve into the evolution of hacking, the emergence of profitable cybercrime like email spam,…
-
APT36 Targets Indian BOSS Linux Using Weaponized .desktop Shortcut Files
Researchers have unveiled ONEFLIP, a novel inference-time backdoor attack that compromises full-precision deep neural networks (DNNs) by flipping just one bit in the model’s weights, marking a significant escalation in the practicality of hardware-based attacks on AI systems. Unlike traditional backdoor methods that require poisoning training data or manipulating the training process, ONEFLIP operates during…
-
The Foundation Is Cracking: Why Hardware Security Can’t Be an Afterthought Anymore
I was scrolling through my security feeds this morning when I came across news that MITRE has finally updated their Most Important Hardware Weaknesses List. While this should have been cause for celebration, I found myself feeling more frustrated than relieved. The update was driven by improved data collection methods, including AI assistance, and input..…
-
Protecting farms from hackers: A QA with John Deere’s Deputy CISO
Agriculture is a connected, software-driven industry where cybersecurity is just as essential as tractors and harvesters. From embedded hardware in smart fleets to defending … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/26/carl-kubalsky-john-deere-smart-agriculture-cybersecurity/
-
Protecting farms from hackers: A QA with John Deere’s Deputy CISO
Agriculture is a connected, software-driven industry where cybersecurity is just as essential as tractors and harvesters. From embedded hardware in smart fleets to defending … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/26/carl-kubalsky-john-deere-smart-agriculture-cybersecurity/
-
Rowhammer attack can backdoor AI models with one devastating bit flip
Servers with DDR3 memory modules (demonstrated on 16GB Samsung DDR3)Workstations with DDR4 memory (demonstrated on 8GB Hynix DDR4)AI inference servers running popular models such as ResNet, VGG, and Vision TransformersEdge computing devices with vulnerable DRAM hosting neural networksCloud platforms using DDR3/DDR4 memory for AI model deploymentResearch computing systems running full-precision (32-bit floating-point) modelsMulti-tenant GPU servers…
-
Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses
Tags: access, ai, attack, automation, cisa, cisco, cloud, conference, control, credentials, cve, cyber, cybersecurity, data, data-breach, deep-fake, detection, docker, espionage, exploit, flaw, framework, fraud, google, government, group, guide, hacker, hacking, Hardware, identity, infrastructure, intelligence, Internet, iot, LLM, microsoft, mitigation, mitre, mobile, network, nist, risk, russia, scam, service, side-channel, software, strategy, switch, technology, threat, tool, update, vulnerability, vulnerability-management, windowsCheck out the FBI’s alert on Russia-backed hackers infiltrating critical infrastructure networks via an old Cisco bug. Plus, MITRE dropped a revamped list of the most important critical security flaws. Meanwhile, NIST rolled out a battle plan against face-morphing deepfakes. And get the latest on the CIS Benchmarks and on vulnerability prioritization strategies! Here are…
-
Hackers Hijack VPS Servers to Breach Software-as-a-Service Accounts
Virtual Private Servers (VPS) have long served as versatile tools for developers and businesses, offering dedicated resources on shared physical hardware with enhanced control and scalability. However, threat actors are increasingly exploiting these platforms to orchestrate stealthy attacks against Software-as-a-Service (SaaS) environments. Rising Abuse of VPS Infrastructure By leveraging VPS providers, attackers can mimic legitimate…
-
Product showcase: iStorage datAshur PRO+C encrypted USB flash drive
Tags: HardwareThe iStorage datAshur PRO+C is a USB-C flash drive featuring AES-XTS 256-bit hardware encryption. Available in capacities from 32 GB to 512 GB, the drive holds FIPS 140-3 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/21/product-showcase-istorage-datashur-proc-encrypted-usb-flash-drive/
-
5 key takeaways from Black Hat USA 2025
Tags: access, api, attack, authentication, botnet, business, cisco, cloud, container, control, credentials, data, endpoint, exploit, firmware, flaw, framework, Hardware, iam, login, malicious, malware, network, password, programming, rce, remote-code-execution, service, software, technology, tool, update, usa, vulnerability, windowsVaults can be cracked open: Critical vulnerabilities in popular enterprise credential vaults were unveiled by security researchers from Cyata during Black Hat.The flaws in various components of HashiCorp Vault and CyberArk Conjur, responsibly disclosed to the vendors and patched before their disclosure, stemmed from subtle logic flaws in authentication, validation, and policy enforcement mechanisms, as…
-
Microsoft tests cloud-based Windows 365 disaster recovery PCs
Microsoft has announced the limited public preview of Windows 365 Reserve, a service that provides temporary desktop access to pre-configured cloud PCs for employees whose computers have become unavailable due to cyberattacks, hardware issues, or software problems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-tests-cloud-based-windows-365-disaster-recovery-pcs/
-
Firmware-Lücke gefährdet Dell-Hardware – ReVault-Exploit kompromittiert mindestens 100 Dell-Systeme
First seen on security-insider.de Jump to article: www.security-insider.de/dell-revault-controlvault3-exploit-update-a-1dc1ed1faae83afed1c37e14bfac2d6a/
-
13 Produkt-Highlights der Black Hat USA
Tags: access, ai, api, application-security, business, chatgpt, cisco, cloud, compliance, credentials, crowdstrike, cybersecurity, data, detection, google, governance, Hardware, identity, leak, LLM, malware, marketplace, microsoft, monitoring, network, openai, phishing, risk, saas, service, soc, threat, tool, usa, vulnerability, zero-trustDas Mandalay Bay Convention Center wird zur Black Hat USA zum Cybersecurity-Hub 2025 lag der Fokus dabei insbesondere auf Agentic und Generative AI.Zur Black-Hat-Konferenz haben sich auch 2025 Tausende von Sicherheitsexperten in Las Vegas zusammengefunden, um sich über die neuesten Entwicklungen im Bereich Cybersecurity zu informieren und auszutauschen. Der thematische Fokus lag dabei in erster…
-
What is a CISO? The top IT security leader role explained
Tags: access, authentication, breach, business, ceo, cio, cisa, ciso, compliance, computer, container, control, corporate, credentials, cyber, cybersecurity, data, ddos, defense, dns, encryption, exploit, finance, firewall, framework, fraud, guide, Hardware, healthcare, infosec, infrastructure, intelligence, international, jobs, kubernetes, mitigation, msp, mssp, network, nist, programming, RedTeam, regulation, risk, risk-management, security-incident, service, skills, software, strategy, technology, threat, training, vpn, zero-day, zero-trust. You’ll often hear people say the difference between the two is that CISOs focus entirely on information security issues, while a CSOs remit is wider, also taking in physical security as well as risk management.But reality is messier. Many companies, especially smaller ones, have only one C-level security officer, called a CSO, with IT…
-
So sparen CISOs, ohne die Sicherheit zu torpedieren
Tags: business, ciso, compliance, cyber, cyberattack, cybersecurity, detection, governance, Hardware, iam, intelligence, jobs, risk, risk-management, software, strategy, threat, tool, vulnerabilityGeht’s dem Security-Budget an den Kragen, ist der Spielraum für CISOs denkbar gering.Vor etlichen Jahren fand sich David Mahdi, heute CISO Advisor beim IAM-Spezialisten Transmit Security, in einer Situation wieder, vor der wohl jedem Sicherheitsentscheider graut: Die Budgets sollten mitten im Jahr drastisch gekürzt werden ohne die Möglichkeit, irgendetwas aufzuschieben. “Das war damals eine unkontrollierbare…
-
So sparen CISOs, ohne die Sicherheit zu torpedieren
Tags: business, ciso, compliance, cyber, cyberattack, cybersecurity, detection, governance, Hardware, iam, intelligence, jobs, risk, risk-management, software, strategy, threat, tool, vulnerabilityGeht’s dem Security-Budget an den Kragen, ist der Spielraum für CISOs denkbar gering.Vor etlichen Jahren fand sich David Mahdi, heute CISO Advisor beim IAM-Spezialisten Transmit Security, in einer Situation wieder, vor der wohl jedem Sicherheitsentscheider graut: Die Budgets sollten mitten im Jahr drastisch gekürzt werden ohne die Möglichkeit, irgendetwas aufzuschieben. “Das war damals eine unkontrollierbare…