So much for Windows 10’s security: a zero-day in the device installer software grants admin rights just by plugging in a mouse or other compatible device.
Source: Read More (Threatpost)
You might be interested in …
Daily NCSC-FI news followup 2020-01-30
Enterprise Hardware Still Vulnerable to Memory Lane Attacks www.darkreading.com/vulnerabilities—threats/enterprise-hardware-still-vulnerable-to-memory-lane-attacks/d/d-id/1336921 Most laptops, workstations, and servers are still vulnerable to physical attacks via direct memory access, despite mitigations often being available, report says.. Report: eclypsium.com/2020/01/30/direct-memory-access-attacks/ Dozens of companies have data dumped online by ransomware ring seeking leverage arstechnica.com/information-technology/2020/01/dozens-of-companies-have-data-dumped-online-by-ransomware-ring-seeking-leverage/ Maze operators “gift” Pensacola by removing data dump, but […]
[SecurityWeek] Android’s March 2022 Security Updates Patch 39 Vulnerabilities
Google this week announced the release of patches for 39 vulnerabilities as part of the March 2022 security update for Android. The most serious vulnerability is CVE-2021-39708, a remotely exploitable elevation of privilege issue identified in the System component. read more Source: Read More (SecurityWeek RSS Feed)
[ZDNet] Fujifilm becomes latest ransomware victim as White House urges business leaders to take action
The National Security Council’s top cyber official, Anne Neuberger, released an open letter warning businesses that every organization is at risk. Source: Read More (Latest topics for ZDNet in Security)