CVE-2021-0154
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access....
CVE-2021-0153
Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. Read...
CVE-2021-0126
Improper input validation for the Intel(R) Manageability Commander before version 2.2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access....
SEC Consult SA-20220512-0 :: Sandbox Escape with Root Access & Clear-text passwords in Konica Minolta bizhub MFP Printer Terminals
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 12 SEC Consult Vulnerability Lab Security Advisory < 20220512-0 > ======================================================================= title: Sandbox Escape...
Re: Defense in depth — the Microsoft way (part 80): 25 (in words: TWENTY-FIVE) year old TRIVIAL bug crashes CMD.exe
Posted by Tavis Ormandy on May 12 They're explaining that you need privileges to attack *other* users. I don't think anyone is disputing you can...
Oklahoma City Indian Clinic Data Breach Affects 40,000 Individuals
Investigation revealed unauthorized party accessed and possibly retained sensitive customer information Read More
BrandPost: Deploy NDR to Modernize Your Cybersecurity Strategy
On March 21, the White House released a statement from President Biden regarding the nation’s cybersecurity, including recommendations for private companies. As the conflict in Ukraine continues, the...
Costa Rica Declares National Emergency Following Conti Cyber-Attack
The declaration came with IT systems across several ministries rendered unusable Read More
USN-5420-1: Vorbis vulnerabilities
It was discovered that Vorbis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute...
Smashing Security podcast #274: Hands off my biometrics, and a wormhole squirmish
Clearview AI receives something of a slap in the face, and who is wrestling over an internet wormhole? All this and more is discussed in...