admin

admin

  • Joined: September 10, 2024
  • Articles: 4617

New Intel CPU Vulnerabilities Uncovered: Memory Leaks and Spectre v2 Exploits Persist

May 16, 2025
Hardware Security / Vulnerability

Researchers at ETH Zürich have identified a critical new security flaw that affects all modern Intel CPUs, allowing the leakage of sensitive data from memory. This latest vulnerability, dubbed Branch Privilege Injection (BPI), showcases that the Spectre threat continues to impact computer systems over seven years after its initial discovery. According to ETH Zürich, BPI can be exploited to manipulate the CPU’s prediction calculations, granting unauthorized access to information from other users on the same processor. Kaveh Razavi, head of the Computer Security Group (COMSEC) and a co-author of the study, noted that this flaw affects all Intel processors, potentially allowing malicious actors to access the cache contents and working memory of different users sharing the CPU. The attack exploits Branch Predictor Race Conditions (BPRC), which arise when a processor alternates between prediction calculations for multiple users.

New Vulnerabilities in Intel CPUs Expose Risks of Memory Leaks and Spectre Attacks May 16, 2025 In a significant development for cybersecurity, researchers from ETH Zürich have identified a critical security flaw affecting all modern Intel processors. This vulnerability, dubbed…

MSI Confirms Ransomware Attack, Initiates Recovery Measures

In an official statement, Taiwanese PC manufacturer MSI (Micro-Star International) acknowledged being targeted by a cyber attack. The company quickly began implementing incident response and recovery protocols after observing “network anomalies.” MSI has informed law enforcement but did not provide details regarding the timing of the attack or whether any proprietary information, like source code, was compromised. The company reported that affected systems are gradually returning to normal operations with no major impact on its financial activities. In a regulatory filing with the Taiwan Stock Exchange, MSI announced plans to enhance its network and infrastructure security and advised users to obtain firmware and BIOS updates exclusively from its official website to ensure their data’s safety.

MSI, Taiwanese PC Manufacturer, Confirms Ransomware Attack In a significant cybersecurity incident, Taiwanese personal computer manufacturer Micro-Star International (MSI) has publicly acknowledged that it has suffered a ransomware attack. This confirmation follows the detection of “network anomalies,” prompting the company…

Exploring Wing Security’s Multi-Layered SaaS Identity Defense

April 16, 2025
SaaS Security / Identity Management

Introduction: Why Hack When You Can Log In?
SaaS applications are essential for modern organizations, enhancing productivity and operational efficiency. However, each new application introduces significant security risks through integrations and multiple users, creating potential access points for cyber threats. Recent data reveals a troubling rise in SaaS breaches; according to a May 2024 XM Cyber report, identity and credential misconfigurations were responsible for 80% of security exposures. Subtle indicators of compromise often go unnoticed amid the noise, allowing multi-stage attacks to develop undetected due to disconnected security measures. A scenario could unfold where an account takeover in Entra ID leads to privilege escalation in GitHub and data exfiltration from Slack. When examined individually, these incidents appear unrelated, but together they form a perilous breach.

Wing Security’s SaaS platform offers a comprehensive, multi-layered solution that integrates posture management with real-time identity threat detection and response. This empowers organizations to…

Product Walkthrough: Inside the Layered Identity Defense of Wing Security April 16, 2025 SaaS Security / Identity Management As organizations increasingly rely on SaaS applications to enhance productivity and streamline operations, the associated security risks are growing more significant. Each…

Security Flaw in AWS Default IAM Roles Threatens Lateral Movement and Cross-Service Exploitation

Researchers in cybersecurity have identified concerning default identity and access management (IAM) roles within Amazon Web Services (AWS) that could potentially allow attackers to escalate privileges, manipulate other AWS services, and even compromise accounts entirely. According to Aqua researchers Yakir Kadkoda and Ofek Itach, “These roles, typically created automatically or suggested during setup, grant excessively broad permissions, including full access to S3.” They warn that these default roles create silent attack vectors for privilege escalation and cross-service access, leading to possible account breaches. The cloud security firm pinpointed vulnerabilities in default IAM roles established by AWS services such as SageMaker, Glue, EMR, and Lightsail. A similar issue has also been detected in the widely-used open-source framework Ray, which generates a default IAM role (ray-autoscaler-v1) that includes the AmazonS3FullAccess policy.

AWS Default IAM Roles Discovered to Facilitate Lateral Movement and Cross-Service Exploitation May 20, 2025 Cybersecurity researchers have uncovered significant vulnerabilities tied to the default identity and access management (IAM) roles within Amazon Web Services (AWS). These vulnerabilities potentially allow…

CISA Alerts on Five Actively Exploited Security Vulnerabilities: Immediate Action Needed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting ongoing exploitation in real-world scenarios. Among these, three high-severity flaws in Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) may allow attackers to execute privileged commands on the system. These vulnerabilities were addressed in a patch released by Veritas in March 2021.

  • CVE-2021-27876 (CVSS score: 8.1) – File Access Vulnerability
  • CVE-2021-27877 (CVSS score: 8.2) – Improper Authentication Vulnerability
  • CVE-2021-27878 (CVSS score: 8.8) – Command Execution Vulnerability

A recent report from Google-owned Mandiant highlighted that an affiliate tied to the BlackCat (also known as ALPHV and Noberus) ransomware operation is utilizing these vulnerabilities for attacks.

CISA Alerts Businesses to Five Critical Security Vulnerabilities: Immediate Response Needed On April 10, 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory concerning five newly identified security vulnerabilities now included in its Known Exploited Vulnerabilities…