Intel has done some mitigations for these vulnerabilities that can leak secrets from virtual machines, secure enclaves and kernel memory. Here's how the attacks work.
Stories by Lucian Constantin
By replacing a PC's SPI flash chip with one that contains rogue code, an attacker can can gain full, persistent access.
A recently released exploit takes advantage of a known configuration vulnerability that persists among many on-premise and cloud SAP instances.
If your company uses Confluence, make sure you have the latest available patches for this vulnerability.
Detected scans suggest attacker are seeking vulnerable servers to target for attacks.
Popular e-commerce platform Magento has released security patches to fix the flaw. Researchers say update now.
Web-based card skimmers are becoming harder to detect and remove thanks to evolving techniques.
A group of hackers is using a previously undocumented backdoor program designed to interact with attackers over Slack.
New Verizon report shows a big gap between organisations' mobile security risk concerns and mobile security best practices they implement.
The decade-old Qbot financial malware has resurfaced with an improved version in a new attack that has infected thousands of systems so far.
If you are running an older version of Elasticsearch, make sure you've patched its known vulnerabilities or consider upgrading.
Experts downplay discovery of a vulnerability that can expose passwords in a computer's memory. Hackers likely to take easier paths to stealing passwords.
WootCloud researchers discover an internet of things botnet based on Mirai that exploits Polycom video conferencing systems. Polycom has issued an advisory and best practices for mitigating the risk.
New report from Risk Based Security shows a downward trend in number breaches and exposed records, Unclear if privacy regulations like GDPR are having an effect.
Microsoft has removed eight applications from its app store for Windows that were mining Monero crypto-currency without users' knowledge.