Security researchers have identified a vulnerability in AMD processors that they have dubbed badRAM and which could allow threat actors with physical access to cloud computing environments to bypass encryption protections, reports The Record, a news site by cybersecurity firm Recorded Future. The flaw circumvents AMD’s Secure Encrypted Virtualization, which encrypts virtual machine memory to … Read more
Security researchers have uncovered a new surveillance tool that they say has been used by Chinese law enforcement to collect sensitive information from Android devices in China. The tool, named “EagleMsgSpy,” was discovered by researchers at U.S. cybersecurity firm Lookout. The company said at the Black Hat Europe conference on Wednesday that it had acquired … Read more
Security researchers have discovered multiple vulnerabilities in the infotainment units used in some Skoda cars that could allow malicious actors to remotely trigger certain controls and track the cars’ location in real time. PCAutomotive, a cybersecurity firm specializing in the automotive sector, unveiled 12 new security vulnerabilities impacting the latest model of the Skoda Superb … Read more
Nov 15, 2024Ravie LakshmananArtificial Intelligence / Vulnerability Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud. “By exploiting custom job permissions, we were able to escalate our privileges and gain unauthorized access to … Read more
A German draft law announced this week would protect researchers who discover security vulnerabilities from potential criminal prosecution under the nation’s computer crimes law. The proposed amendment to German Criminal Code § 202a, drafted by the country’s Federal Ministry of Justice in response to feedback from experts in academia, law and cybersecurity, adds explicit exceptions … Read more
