computer security

UEFI firmware rootkit

Experts Uncover New ‘CosmicStrand’ UEFI Firmware Rootkit Used by Chinese Hackers

An unknown Chinese-speaking threat actor has been attributed to a new kind of sophisticated Unified Extensible Firmware Interface (UEFI) firmware rootkit called CosmicStrand. “The rootkit is located in the firmware images of Gigabyte or ASUS motherboards, and we noticed that all these images are related to designs using the H81 chipset,” Kaspersky researchers said in …

Experts Uncover New ‘CosmicStrand’ UEFI Firmware Rootkit Used by Chinese Hackers Read More »

Microsoft

Microsoft Releases Fix for Zero-Day Flaw in July 2022 Security Patch Rollout

Microsoft released its monthly round of Patch Tuesday updates to address 84 new security flaws spanning multiple product categories, counting a zero-day vulnerability that’s under active attack in the wild. Of the 84 shortcomings, four are rated Critical, and 80 are rated Important in severity. Also separately resolved by the tech giant are two other …

Microsoft Releases Fix for Zero-Day Flaw in July 2022 Security Patch Rollout Read More »

Report: $540 Million Crypto Gaming Hack Made Possible By Elaborate Phishing Scheme

Report: $540 Million Crypto Gaming Hack Made Possible By Elaborate Phishing Scheme

Image: Sky Mavis NFT Pokémon clone Axie Infinity went from being famous for players profiting off its “play-to-earn” gaming scam to infamous for getting hacked out of $540 million in cryptocurrency. Now according to a new report by The Block we know what made the security breach possible: a sophisticated phishing attempt socially engineered on …

Report: $540 Million Crypto Gaming Hack Made Possible By Elaborate Phishing Scheme Read More »

Hacking Smartphones with Hermit Spyware

Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware

A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android’s built-in malware defense service — to protect all users, Benoit Sevens …

Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware Read More »