This week, we've seen the release of a new Windows 11 test build, the reveal of some future game releases, and the advent of the HiveNightmare security flaw. Be sure to catch up via our overview.
Security flawRSS
Microsoft has acknowledged the new HiveVulnerability flaw found recently in Windows 10 and 11 builds. The company is yet to patch the problem but has released a workaround for the vulnerability today.
This past week has seen PrintNightmare patches come out (and be contested), the arrival of new Insider builds, additional Game Pass games, and more. Be sure to catch up via our handy overview.
Project OneFuzz is an extensible fuzz testing framework for Azure. The new tool has been made available on GitHub under an MIT license, and will continue to be maintained and expanded.
Check Point Research uncovered a vulnerability on Alexa that could have exposed users' personal information. The flaw could have been triggered by clicking on a link to a page with malicious code.
Nintendo has updated its statement regarding a security breach back in April, saying 140,000 additional accounts may have been affected. These accounts have had their passwords reset.
'Thunderspy' affects devices Thunderbolt-enabled devices manufactured before 2019. Within five minutes, a locked and encrypted device can be hacked into, and then the data can be accessed.
Researchers discovered security flaws in the immensely popular social media application that would have allowed hackers to access users' personal data and manipulate the content on their accounts.
Government Payment Service, a U.S. company used by state and local governments for fine and bail payments, has reportedly compromised more than 14 million sensitive user records dating back to 2012.
In a major security oversight by Epic Games, Google identified a flaw in the Fortnite installer for Android allowing alternative APKs to be quietly installed with all requested permissions.
TeenSafe, a child monitoring app for Android and iOS, left its user information exposed in an unprotected Amazon server, revealing user information of both parents and kids, including passwords.
Two independent Israeli researchers have found a loophole with Microsoft's digital assistant- Cortana. The assistant can be used by anyone with malicious intent to bypass a locked PC.
In its quarterly earnings call for investors, the company vowed that it was working to fix the flaws in its chips, and vowed that its processors due out later this year will be vulnerability-free.
A newly discovered security flaw lets anyone gain full access to the Moto G5 Plus sold under Amazon's Prime Exclusive Phone program, by simply tapping on an advert on the lock screen.
Find out whether your computer is vulnerable to Spectre and Meltdown with just one click!
AMD has maintained that its processors are immune to Meltdown and that its chip architecture made it likely that Spectre posed zero risk. However, it is still issuing updates to mitigate risk.
Intel has been battered by the revelation of vulnerabilities in its chips. For his part, CEO Brian Krzanich has owned up to the company's missteps, and now offers an open letter to the tech community.
Find out whether your computer is vulnerable to Spectre and Meltdown with just one click!
Intel has been getting battered from all sides because of the Meltdown and Spectre flaws found in its chips. While other chip designs face the same Spectre issues, Torvalds chose to target Intel.
The discovery of security flaws built into Intel's processors was apparently found last year by the Google security team. The flaw was also found to be in AMD and ARM processors as well.
A programmer managed to develop an app for iOS that, once given access, would take pictures of him and upload them without informing him. Facial recognition could also be exploited by the loophole.
Android devices are significantly implicated in recently revealed WPA2 vulnerabilities with all devices running Android 6.0 and above subject to a more significant variation of the attack.
A new Duo Security report says that firmware that hasn't been updated makes security holes for hackers. A test of Macs found 4% have the problem. Windows users could also be at even more of a risk.
A student from Uruguay has been rewarded by Google with $10,000 after he found a security issue that could have been used by hackers to steal sensitive information. The flaw has since been fixed.
Virgin Media, one of the UK's largest ISPs, is encouraging hundreds of thousands of customers to change their passwords after a security vulnerability was discovered on its Super Hub 2 home router.
From the Build conference, to hackers with confidence, to games, Microsoft Fluent Design, and the return of OneDrive placeholders, it's our handy walkthrough of the week's top tech news.
Microsoft has issued an update to fix a flaw in its Malware Protection Engine. The flaw would have allowed for an attacker to use remote code execution, therefore putting many users at risk.
It was revealed via an advisory that Intel has finally patched a security vulnerability which has been around since 2008. It affects the firm's management solutions, firmware versions 6 through 11.6.
A flaw in Microsoft's Word application was able to be exploited by hackers for months on end. The Redmond giant was in the middle of an in-depth investigation about it when attacks started in January.
In an embarrassing security oversight flagged by security researcher, Amitay Dan, TP-Link lost control of the domain name used to manage its consumer routers, leaving computers prone to attack.
Google's Project Zero researcher, Tavis Ormandy, has uncovered a raft of critical vulnerabilities affecting the core engine found in Symantec and Norton branded security products.
Despite Qualcomm's collaboration with FireEye to close a critical daemon vulnerability affecting a raft of Android devices, it is likely that most of them will never actually receive the patch.
According to a database run by the U.S. government, the number of disclosed and fixed vulnerabilities by product was led by OS X, iOS and Flash, with Android at #20 and Windows at #14.
Trend Micro has reported that attackers part of a foreign cyber espionage campaign, referred to by the company as Pawn Storm, have leveraged an exploit discovered in Adobe's Flash Player software.
Despite the successful rollout of iOS 9 over the past week, it seems the platform has hit some turbulence with a new Siri related flaw allowing access to contacts & photos without the need for a PIN.
Security firm "Inside Security" have found what they believer are a number of security issues within Microsoft's Outlook.com android application which could leave users data exposed and unencrypted.
Two separate estimates show that around half of the servers previously affected by HeartBleed are still susceptible. The estimates show around 318,239, or 2.33% of all servers are still vulnerable.
CRA Commissioner Andrew Treusch stated that over a period of six hours, the Social Insurance Numbers of around 900 people were removed from CRA computer systems.
A free browser extension call Sell Hack is being used to uncover the e-mail address of Linkedin users. The developers say that there is nothing illegal going on but LinkedIn is taking legal action.
Security firm FireEye has published a new report exposing an iOS 7 vulnerability which could allow hackers to monitor user interactions such as touches, home and volume key presses as well as TouchID.
_small.jpg)
_small.jpg)
