Security researchers have come up with a variation of the Rowhammer attack that bypasses all previously proposed countermeasures.
A team of three scientists from Columbia University has discovered that by attacking the combo of hardware and software management utilities embedded with modern chipsets, threat actors can take over systems via an attack surface found in almost all modern electronic devices.
Embedi, a hardware security firm, has published details about two vulnerabilities that have yet to be patched in the firmware of D-Link routers. This marks the second incident of this sort in the last five days.
South Korean security researcher Pierre Kim has published details about ten vulnerabilities he discovered in the firmware of D-Link DIR 850L routers.
Six scientists from Zhejiang University in China have discovered that they could use ultrasound frequencies — inaudible to human ears — to send commands to speech recognition software and take over devices such as smartphones, smart home assistants, or even cars.
Lenovo has settled charges with the FTC and 32 state attorneys for shipping laptops preinstalled with the Superfish adware back in 2014 and 2015.
Security researchers have found five gaping holes in the firmware running on Arris modems, three of which are hardcoded backdoor accounts.
Researchers from Positive Technologies — a provider of enterprise security solutions — have found a way to disable the Intel Management Engine (ME), a much-hated component of Intel CPUs.
A US man has filed a lawsuit against Logitech, a Swiss-based manufacturer of electronic devices, on accusations that Logitech had intentionally delayed and tried to discourage warranty claims for defective products, falsely advertised products, and even hid an End-Of-Life (EOL) announcement from customers.
A botched firmware update for Samsung smart TVs has left many owners unable to use their devices, two weeks after it happened.
At a recently concluded security conference, experts from an Israeli university have presented new research that describes a possible attack scenario which leverages replacement parts to carry out attacks on smartphones and other smart devices.
New research published this week by researchers from the University of Washington shows how an attacker could track a user's movements using speakers and microphones that come with computers, laptops, tablets, smartphones, and other devices.
On Tuesday, August 8, smart locks manufacturer LockState botched an over-the-air firmware update for its WiFi enabled smart locks, causing the devices to lose connectivity to the vendor's servers and the ability to open doors for its users.
A large malspam campaign is underway that is pushing a new Locky variant that appends the .diablo6 extension to encrypted files. Is this the return of Locky or just a brief resurgence?
Intel released a new CPU model this week, the Intel Core i9 7900X, which is the latest model to feature a new cache architecture that hardware experts believe it will make exploitation of side-channel attacks a lot harder.
Ninebot, the company behind Segway hoverboards, has issued new firmware to fix various security flaws that allow an attacker to connect to and take over users' devices.
A vulnerability codenamed Devil's Ivy is putting thousands of Internet-connected devices at risk of hacking.
The maker of a smart home security system has failed to patch five security issues in the firmware of his product. These flaws allow an attacker to bypass authentication, take over devices, and disable alarm systems, leaving homes exposed to burglaries.
A team of researchers from Fox-IT and Riscure has put together a device using off-the-shelve electronic parts that deduces encryption keys using only electromagnetic emissions coming from a nearby computer.