The species has remained relatively unchanged for hundreds of millions of years, earning the nickname “living fossil,” researchers said.
AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring-2 privileges and install malware that becomes nearly undetectable.
Ring-2 is one of the highest privilege levels on a computer, running above Ring-1 (used for hypervisors and CPU virtualization) and Ring 0, which is the privilege level used by an operating system’s Kernel.
The Ring-2 privilege level is associated with modern CPUs’ System Management Mode (SMM) feature. SMM handles power management, hardware control, security, and other low-level operations required for system stability.
Researchers from the RIKEN Center for Computational Science (Japan) and the Max Planck Institute for Evolutionary Biology (Germany) have published new findings on how social norms evolve over time. They simulated how norms promote different social behavior, and how the norms themselves come and go. Because of the enormous number of possible norms, these simulations were run on RIKEN’s Fugaku, one of the fastest supercomputers worldwide.
Researchers uncover 10 security flaws in Google’s Quick Share, potentially allowing remote code execution on Windows. Update to version 1.0.1724.0 or.
An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software.
“The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data and execute various commands,” the ReasonLabs research team said in an analysis.
“This trojan malware, existing since 2021, originates from imitations of download websites with add-ons to online games and videos.”
Microsoft reveals a critical zero-day flaw in Office. Users urged to update systems before August 13 patch.
Critical AWS vulnerabilities allow attackers to gain admin control, steal data, and execute remote code. Amazon has addressed these flaws.
Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users.
The vulnerabilities “led to an entire break in the security of Sonos’s secure boot process across a wide range of devices and remotely being able to compromise several devices over the air,” NCC Group security researchers Alex Plaskett and Robert Herrera said.
Successful exploitation of one of these flaws could allow a remote attacker to obtain covert audio capture from Sonos devices by means of an over-the-air attack. They impact all versions prior to Sonos S2 release 15.9 and Sonos S1 release 11.12, which were shipped in October and November 2023.