It’s important to stay on top of security updates in this ever-changing online world. New vulnerabilities and issues on our hardware and software pop up every day, after all, and hackers and cybercriminals don’t waste a second to take advantage of them. Now, a dangerous vulnerability has been discovered that affects countless computers through UEFI.
A severe vulnerability has been found in libwebp, a code library used to render webp images, reports Stack Diary. Webp is a popular image format used by many sites on the Internet – but also by apps and some other software that use web views – and the vulnerability can be used, among other things, to run malicious code on affected devices. Worse yet, it is reportedly being actively exploited by malicious attackers.
China may have conducted digital espionage against the US’ Pacific interests. Microsoft and the National Security Agency (NSA) have revealed that an alleged state-sponsored Chinese hacking group, Volt Typhoon, installed surveillance malware in “critical” systems on the island of Guam and elsewhere in the US. The group has been operating since mid-2021 and reportedly compromised government organizations as well as communications, manufacturing, education and other sectors.
AllWinner and RockChip might not be household names, but the two China-based companies power several wildly popular Android TV boxes that are sold on Amazon.
Since its beta launch in November, AI chatbot ChatGPT has been used for a wide range of tasks, including writing poetry, technical papers, novels, and essays and planning parties and learning about new topics. Now we can add malware development and the pursuit of other types of cybercrime to the list.
Researchers at security firm Check Point Research reported Friday that within a few weeks of ChatGPT going live, participants in cybercrime forums—some with little or no coding experience—were using it to write software and emails that could be used for espionage, ransomware, malicious spam, and other malicious tasks.
A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system.
A vulnerability in a widely used Apache library has caused Internet-wide chaos—and the trouble may just be starting.
Well, it’s certainly been a year for cyberdebacles, so, sure, why not tie things off with a nice, fat security vulnerability that affects almost everything on the internet? That sounds about right.
Last week, Google announced that it had partially disrupted the operations of a massive botnet—a gargantuan network of over one million malware-infected Windows computers. In the world of cybersecurity, that would be news on its own, but this particular network was using an alarming blockchain integration that makes it tough to beat.
The LR Zone 