Samsung SSD Vulnerability Bypasses Bitlocker Encryption

Samsung Unlocks Bitlocker Microsoft, Samsung, and US-Cert have all issued advisories regarding a newly discovered vulnerability. A grouping of some of the most widely used SSDs contain a vulnerability that would allow access to encrypted data without the encryption key. Products tested and found to be vulnerable: Crucial (Micron) MX100, MX200 and MX300 drives Samsung…

November Third-Party Security Updates

Critical Updates for Apple and More On the same day that Apple announced their new set of products, they released a massive group of updates. These patches address critical vulnerabilities throughout their operating systems and software offerings. The OS vulnerabilities, both iOS and macOS, could allow arbitrary code execution. While Apple won’t reveal much about…

Most Linux Builds Need an Immediate Patch

An Attacker Could Take Over Impacted Systems With 3 Commands or Less A security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora. The flaw, tracked as CVE-2018-14665, was introduced in X.Org server 1.19.0 package that remained undetected for…

IoT OS Breached, Crashed and Hacked

FreeRTOS Has 13 Major Security Flaws Research performed by Zimperium’s zLabs team uncovered 13 vulnerabilities that could be manipulated to leak information, crash devices, and even take control with remote code execution. “During our research, we discovered multiple vulnerabilities within FreeRTOS’s TCP/IP stack and in the AWS secure connectivity modules. The same vulnerabilities are present…

Malware Tops Annual Cybercrime Report

Europol Cybercrime Report 2018 According to Europol’s 2018 Internet Organised Crime Threat Assessment (IOCTA) report, ransomware is the top threat to organizations. This report sites ransomware as the largest player in financially-motivated attacks. It also points out the increase in nation state cyber-attacks as a reason for ransomware’s continued leading threat level. Distributed-Denial-of-Service (DDoS) attacks…

BSOD for HP

Windows 10 Update causes HP Blue Screen of Death Microsoft is in trouble with its latest Windows 10 update. The October release 1809 already had a bug that was deleting users’ personal files. Now, this update is wreaking new havoc on HP devices, causing the dreaded Blue Screen of Death. Hold off on updating any…

Major Third-Party Security Updates

Google Polishes Chrome With an apparent rise in malicious extensions, Google has announced five changes that aim to secure their product. These should be incorporated into their next release in the later half of this month, Chrome 70. 1. Expanded controls for determining Chrome extension permissions According to an article by Chrome developers, “users [will]…