devices
-
Blog
Over 16,000 Fortinet devices compromised with symlink backdoor
Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices. This exposure is being reported by threat monitoring platform The Shadowserver Foundation, which initially reported 14,000 devices were exposed. Today, Shadowserver’s Piotr Kijewski told BleepingComputer that the cybersecurity organization now detects 16,620 devices impacted…
Read More » -
Blog
Some devices offered Windows 11 upgrades despite Intune blocks
Microsoft is working to fix an ongoing issue causing some users’ Windows devices to be offered Windows 11 upgrades despite Intune policies preventing them. This known issue has impacted Windows desktop devices since Saturday, April 12, and is caused by what the company describes as a “latent code issue.” Redmond added earlier today in an update to the Microsoft 365…
Read More » -
Blog
April update has broken Windows Hello for some devices but there’s a quick fix – Computerworld
However, he said, “given the temporary workaround that was published, and an expected fast fix, the negative impact shouldn’t be long term or extensive. It’s also been widely shared in the news, and that could help reduce the call volume and trouble tickets for enterprises.” Microsoft said in the release notes for a Patch Tuesday security update released this week…
Read More » -
Blog
McAfee’s Total Protection Has Your Back on 5 Devices for Just $19.99
Image: StackCommerce TL;DR: Get two years of McAfee Total Protection for five devices for just $19.99 (reg. $149.99). In today’s work-anywhere world, protecting your data and devices is no longer optional. That’s why McAfee Total Protection is more than just antivirus software. It’s a full-featured cybersecurity suite designed for professionals, remote workers, and business owners who rely on seamless, secure…
Read More » -
Blog
encrypted messaging between Android and iOS devices coming, says GSMA – Computerworld
The result is that if you want to send a secure RCS message between Android devices, you need to use Google’s own Messages app at both ends; it implements E2EE using the well-worn Signal protocol. Similarly, Apple adopted RCS in iMessage last year, but with a proprietary implementation of E2EE. In short, it’s a confusing jumble. This is one reason…
Read More » -
Blog
Nearly a million devices were infected in a huge GitHub malvertising campaign
Microsoft has alerted users to a malvertising campaign leveraging GitHub to infect nearly 1 million devices around the world. A new advisory from Microsoft Threat Intelligence stated that in December 2024 it detected a large-scale campaign using the developer platform as the primary vehicle to deliver the initial access payloads used in attacks. The campaign’s initial stage injects adverts into…
Read More » -
Blog
Billions of Devices at Risk of Hacking Due to Hidden Commands
Tarlogic team giving their presentation during RootedCON. Image: Tarlogic Billions of devices worldwide rely on a widely used Bluetooth-Wi-Fi chip that contains undocumented “hidden commands.” Researchers warn these commands could be exploited to manipulate memory, impersonate devices, and bypass security controls. ESP32, manufactured by a Chinese company called Espressif, is a microcontroller that enables Bluetooth and Wi-Fi connections in numerous…
Read More » -
Blog
New Chirp tool uses audio tones to transfer data between devices
A new open-source tool named ‘Chirp’ transmits data, such as text messages, between computers (and smartphones) through different audio tones. The tool, developed by cybersecurity researcher solst/ICE, maps each character into a specific sound frequency and plays it along with real-time visualization. Other microphone-equipped computers running Chirp may capture the sound and translate the message back into text. The project allows…
Read More » -
Blog
Undocumented commands found in Bluetooth chip used by a billion devices
Update 3/9/25: After receiving concerns about the use of the term ‘backdoor’ to refer to these undocumented commands, we have updated our title and story. Our original story can be found here. The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands that could be leveraged for attacks. The…
Read More » -
Blog
Undocumented “backdoor” found in Bluetooth chip used by a billion devices
The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented “backdoor” that could be leveraged for attacks. The undocumented commands allow spoofing of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence. This was discovered by Spanish researchers Miguel Tarascó…
Read More »