Researchers have demonstrated the “first native Spectre v2 exploit” for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors.
Nov 27, 2023NewsroomServer Security / Encryption A new study has demonstrated that it’s possible for passive network attackers to obtain private RSA host keys from a vulnerable SSH server by observing when naturally occurring computational faults that occur while the connection is being established. The Secure Shell (SSH) protocol is a method for securely transmitting […]
Nov 16, 2023NewsroomCloud Security / Ransomware A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. “Starting from a single compromised machine, threat actors could progress in several ways: they could […]
Nov 15, 2023NewsroomRansomware / Vulnerability Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a threat actor to run arbitrary shell commands. It was […]
Researchers at Positive Security demonstrated that by integrating a keylogger with a Bluetooth transmitter into a USB keyboard, passwords and other sensitive data typed on the keyboard can be relayed through the Find My network via Bluetooth.