Read Time:4 Second
Remediation efforts are prioritized based on exploitation status, safety impact and prevalence criteria
Monthly Archives: November 2022
Man Arrested in Ontario For Alleged LockBit Ransomware Involvement
Read Time:5 Second
Mikhail Vasiliev was apprehended in Canada and is in custody awaiting extradition to the US
CVE-2021-33164
Read Time:9 Second
Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2021-33159
Read Time:14 Second
Improper authentication in subsystem for Intel(R) AMT before versions 11.8.93, 11.22.93, 11.12.93, 12.0.92, 14.1.67, 15.0.42, 16.1.25 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2021-33064
Read Time:9 Second
Uncontrolled search path in the software installer for Intel(R) System Studio for all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2021-26251
Read Time:8 Second
Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Toolkit may allow an authenticated user to potentially enable denial of service via network access.
Twitter C-Level Resignations Continue As Blue Program Creates New Cyber-Risks
Read Time:5 Second
They left quoting concerns about the rollout of new features without an FTC consent decree
#IRISSCON: Social Engineering Testers Warned Not to Cross Ethical and Legal Boundaries
Read Time:4 Second
Sharon Conheady discusses the ethical and legal dilemmas often faced by social engineering testers
NSA Over-surveillance
Read Time:18 Second
Here in 2022, we have a newly declassified 2016 Inspector General report—”Misuse of Sigint Systems”—about a 2013 NSA program that resulted in the unauthorized (that is, illegal) targeting of Americans.
Given all we learned from Edward Snowden, this feels like a minor coda. There’s nothing really interesting in the IG document, which is heavily redacted.
News story.
CISA Says Midterm Voting Uncompromised By Cyber-attacks
Read Time:5 Second
Election workers will continue to work in the days ahead to certify the election results