Tag Archives: Vulnerability

Intel has recently disclosed a recently discovered security vulnerability dubbed “Downfall” affecting various Intel CPU generations. This susceptibility has been traced back to a memory optimisation feature that uses the “Gather” instruction. As the name implies, this instruction gathers data from dispersed locations, inadvertently laying bare the internal hardware registers …

We are almost two years into the new console generation, and it appears that jailbreakers are beginning to find weaknesses in the PlayStation 5's firmware. The PS5 has already had a number of revisions and software updates, so most users will likely not be able to use the current jailbreak …

Yesterday was quite the rollercoaster for Titanfall 2 players, as reports began claiming that a new bug had been discovered, which could allow “local code execution” from the game server, something that hackers could take full advantage of. To be safe, many began advising that players uninstall the game but …

Windows 11 preview testers have discovered an early security bug, one that seems to have carried over from Windows 10. This new Windows 10 and Windows 11 vulnerability creates a path for any local user to gain admin privileges. As reported by Bleeping Computer, some Windows 10 and Windows 11 …

Last week, we learned that a vulnerability has begun affected Western Digital's My Book Live and My Book Live Duo devices, leading to data loss for users when these devices are connected to the internet. Now, WD has discovered that there is also a second exploit affecting these drives. In …

It was revealed this week that Dell is in the process of updating hundreds of PC models to address a security bug affecting machines dating all the way back to 2009. The vulnerability allows an attacker to gain kernel-level permissions in Windows.  The vulnerability was found by security firm Sentinel …

AMD has published a document warning that Zen 3-based processors may be targeted by side-channel attacks. As per its description, this vulnerability is similar to Spectre, which plagued Intel processors three years ago. AMD Zen 3 core architecture features a new technology that improves performance by predicting the “relationship between loads …

Back in May, Intel shared information regarding an MDS (Microarchitectural Data Sampling) issue that could be exploited to extract data from its CPUs, bypassing security. On the 12th of November, Intel shared more about the subject by disclosing a new TSX Asynchronous Abort (TAA) vulnerability. Intel also shared information on the …

The latest GeForce, Quadro and Telsa drivers address five security flaws, making now a good time ensure you are up to date.

It has been just over a year since CPU vulnerabilities like Spectre and Meltdown last dominated the news cycle. Efforts have been made to fix these flaws and newer CPUs have extra protections in place. Unfortunately for Intel, a new issue has now popped up, known as ‘Zombieload', which has …

Despite Microsoft’s efforts helping to quell Spectre and Meltdown CPU issues, it looks as though the company will have to turn its attention to Windows as a zero-day vulnerability has come to light. Pending some specific conditions, this new attack could grant perpetrators system privileges. Twitter user SandboxEscaper made the …

Today, Apple began rolling out its latest version of macOS, known as ‘High Sierra'. The update aims to give Mac users several new and useful features but unfortunately, it seems that the update also brought to light a flaw in Keychain- Apple's program to store and share passwords across multiple …

The forum for the world's most popular torrent client, Utorrent, has been hacked, leading to the possiblity of the 388,000 registered members' passwords being revealed. The administrators have released this notice as a warning that passwords have been compromised and should be changed, especially if they are re-used anywhere else. HaveIBeenPwnd is …

Last year saw the launch of the Blackphone, a smartphone designed and built for the super security/privacy conscious. However, even a device built to be secure can run into problems as independent researchers revealed that the device had a pretty severe vulnerability that could allow hackers to send and receive …

You really should disable or uninstall Adobe Flash at this point. If you haven't yet done so however here is another reason, following on from last week's 0-day exploit; there is another critical vulnerability that is being actively exploited in the wild, the only difference this time is that there is …

North Korea for all of its virtues, is not a country that is known for a thriving software industry, but did you know that they have their own homegrown operating system? Well they do and it's called Red Star OS. The Democratic People's Republic of Korea (DPRK) first launched the OS, which …

Synology's NAS devices have usually reviewed quite well here at Kitguru, which is why it was a real shame that a few days ago to learn that its Diskstation Manager software had some major security vulnerabilities that had yet to be fixed. Fortunately now a patch has been released and …

As if we didn't have enough security concerns at the moment, here comes another one to make the situation worse. HTTPS, long the staple of website logins, is now said to be vulnerable to a new Department of Homeland Security debuted vulnerability, that allows those using it to potentially steal …

Update: Skype has now disabled the password reset link, though there is another one that's supposedly active. Original Story: A new exploit for VOIP software client, Skype, has been discovered that has the potential to allow anyone to steal anyone else's account, if they have the person's login email. Fortunately …

After details were revealed by Radu Dragusin over at IEEElog.com a few days ago that passwords and user details for some 100,000 members of the Institute of Electrical and Electronics Engineers had been made publicly available on the company's FTP server for at least a month, the organisation has now …

Ubisoft's online service, uPlay, has had a real vulnerability exposed, that can be used to view customer files and information. While it was initially thought that this was a deliberate backdoor hidden by programmers of the service, it seems more likely now that it is an unintentional vulnerability. IT “experts” …