Hackable Intel and Lenovo hardware that went undetected for 5 years won’t ever be fixed
https://arstechnica.com/security/2024/04/supply-chain-snafu-causes-intel-and-others-to-ship-hackable-hardware-for-5-years/ #Intel #Lenovo #hardware #vulnerability #SupplyChain #RemoteExploit #unfixable #lighttpd

Update on xz-utils to sshd exploit

https://www.openwall.com/lists/oss-security/2024/03/30/36

Thanks to everyone who is working to investigate and mitigate this exploit!

#InfoSec #FLOSSsecurity #SSH #RemoteExploit

xz tool chain compromise in February compromising versions 5.6.0 and 5.6.1

"inject malicious code, at build time, into the resulting liblzma5 library"

"resulting malicious build interferes with authentication in sshd via systemd"

https://lists.debian.org/debian-security-announce/2024/msg00057.html

https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users

#InfoSec #FLOSSsecurity #RemoteExploit

Researchers Warn of Flaw Affecting Millions of IoT Devices - A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manuf... https://threatpost.com/flaw-affecting-millions-iot-devices/158472/ #informationdisclosure #cinterionehs8module #internetofthings #cve-2020-15858 #remoteexploit #vulnerability #insulinpump #smartcity #thales #hacks #patch #iot #fix

How the Linux kernel balances the risks of public bug disclosure - A serious Wi-Fi flaw shows how Linux handles security in plain sight. more: https://nakedsecurity.sophos.com/2019/11/15/how-the-linux-kernel-balances-the-risks-of-public-bug-disclosure/ #securitythreats #cve-2019-17666 #linuxcommunity #wi-fiinterface #vulnerability #bugdisclosure #remoteexploit #linuxkernal #linux #wi-fi #cves #flaw #bug

to continue #ExploitTuesday Microsoft released updates for old versions of Windows with a wormable security bug

Kudos to Microsoft for updating out of support releases

https://www.theverge.com/2019/5/14/18623565/microsoft-windows-xp-remote-desktop-services-worm-security-patches

#InfoSec #RemoteExploit