By continuing to use the site or Forum, you agree to the use of cookies, find out more by reading our GDPR policy.

Google has patched a vulnerability in the Chrome browser that allows an attacker to retrieve sensitive information from other sites via audio or video HTML tags. Ron Masas, a security researcher with Imperva, discovered and reported this issue —tracked as CVE-2018-6177— to Google. The browser maker fixed the security hole at the end of July with the release of Chrome v68.0.3440.75. The vulnerability can be exploited in older versions of Chrome in situations where an attacker can lure a victim on a malicious site, via malvertising (malicious code inside ads embedded on legitimate sites), or via vulnerabilities on legitimate sites where an attacker can inject and execute code —such as via stored cross-site scripting (XSS) flaws. In a write-up published earlier today and shared with Bleeping Computer, Masas explained that the attack scenario requires malicious code that loads content from legitimate sites inside audio and video HTML tags. Through the use of "progress" events, Masas says he can deduce the size of responses he gets from external sites, and guess various types of information. Under normal circumstances, this wouldn't be possible because of CORS —Cross-Origin Resource Sharing— a browser security feature that prevents sites from loading resources from other websites, but this attack bypasses CORS. Full details posted on OUR FORUM.

Most recent Intel processors for desktops, laptops, and tablets feature integrated graphics capable of driving 4K displays and maybe even some gaming tasks. But Intel has been beefing up its graphics team recently, and now the company has confirmed recent reports that it plans to launch a discrete graphics card in 2020. The news comes via a short video posted on Twitter, and while it’s light on details, the company does promise that in 2020 it will “set our graphics free,” indicating that we’ll see a GPU that’s not built into the same silicon as an Intel CPU. This isn’t Intel’s first foray into discrete graphics solutions. The company launched the Intel i740 graphics card in 1998… but it was a commercial flop and the company scrapped the entire product line not long after that (a small number of i752 cards were released, but Intel canceled the i754 graphics card before it ever launched). At this point, it’s unclear what Intel hopes to bring to the table in 2020. A lot has changed in the past two decades and the discrete GPU space is still dominated by NVIDIA and AMD (which acquired GPU maker ATI). But Intel has also been chugging along all that time pushing more and more advanced features into integrated graphics. There's more posted on OUR FORUM.

Today is Patch Tuesday and Microsoft has just rolled out Windows 10 KB4343909. In case you’re planning to upgrade the PC manually, the direct download links for Windows 10 KB4343909 are also available. KB4343909 is available for devices running Windows 10 version 1803 and it advances the system to Build 17134.228. The latest patch for Windows 10 April 2018 Update comes with its own pack of improvements. First and foremost, to check if you’re already running the latest build, press Win key + R and then winver. If it shows Windows 10 Build 17134.228, the cumulative update has installed successfully. If the build number is something else, you would need to Open Settings and navigate to Update & Security -> Windows Update -> Check for updates. The latest patch for Windows 10 April 2018 Update addresses both security and non-security bugs. The update has fixed issues with Internet Explorer and Microsoft Edge. In the changelog, Microsoft explains that the new protections against a speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF) have been applied. The company says that the vulnerability affects the Intel Core processors and Intel Xeon, processors. We have posted the download links on OUR FORUM.

At the Black Hat 2018 and DEF CON 26 security conferences held in Las Vegas last week, a security researcher detailed a backdoor mechanism in x86-based VIA C3 processors, a CPU family produced and sold between 2001 and 2003 by Taiwan-based VIA Technologies Inc. The affected CPU family was designed with PC use in mind but was more widely known for being deployed with point-of-sale units, smart kiosks, ATMs, gaming rigs, healthcare devices, and industrial automation equipment. The Rosenbridge backdoor mechanism Christopher Domas, a well-known hardware security expert, says that VIA C3 x86-based CPUs contain what he referred to as a "hidden God mode" that lets an attacker elevate the execution level of malicious code from kernel ring 3 (user mode) to kernel ring 0 (OS kernel). See here about CPU protection rings. Domas says that this backdoor mechanism —which he named Rosenbridge— is a RISC (Reduced Instruction Set Computer) co-processor that sits alongside the main C3 processor. Continue reading on OUR FORUM.

A new report from EnigmaSoft -- makers of the SpyHunter anti-malware product -- reveals the US cities with the highest rates of malware infection. Systems in Atlanta, Orlando, and Denver are most likely to be infected, with Louisville, Witchita, and Anchorage has the lowest infection rates. "It's hard to say exactly why one city or state has a higher rate of infection than others," says EnigmaSoft spokesperson Ryan Gerding. "There's a wide variety at the top of the list. Larger cities, smaller cities, and cities in every geographic area. The same is true for the least infected areas. New York and San Francisco ranked near the very bottom of the list." Infections are listed by state too, with Colorado ranked highest and Alabama lowest. The findings also look at the days of the week when malware is most likely to hit. Wednesday comes out as the most dangerous day, with Saturdays and Sundays the least, perhaps showing that even cybercriminals like to take the weekends off. Infections detected range from what EnigmaSoft identifies as Potentially Unwanted Programs or 'nuisanceware', which slow down computers and change some settings, all the way to ransomware, which threatens to delete valuable files unless the victim pays a ransom. "No matter what city or state you are in or what day of the week it is, it is important to always be vigilant about the threat of malware and other infections," Gerding adds. Find out how your US city ranks by visiting OUR FORUM.

Attackers are targeting DLink DSL modem routers in Brazil and exploiting them to change the DNS settings to a DNS server under the attacker's control. This then allows them to redirect users attempting to connect to their online banks to fake banking websites that steal the user's account information. According to research by Radware, the exploit being used by the attackers allows them to perform remote unauthenticated changes to DNS settings on certain DLink DSL modems/routers. This allows them to easily scan for and script the changing of large amounts of vulnerable routers so that their DNS settings point to a DNS server under the attacker's control. When users visit the fake websites, they will look almost identical to the original banking site. At the fake site, though, they will be asked for the bank agency number, account number, eight-digit pin, mobile phone number, card pin, and a CABB number. This information is then collected by the attackers. Complete details can be found on OUR FORUM.