Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Quotidien Hebdomadaire Mensuel

Quotidien Shaarli

Tous les liens d'un jour sur une page.

Jour précédent
Jour suivant

March 11, 2022

Armis Finds Three Critical Zero-Day Vulnerabilities in APC Smart-UPS Devices, Dubbed "TLStorm," Exposing More than 20 Million Enterprise Devices

Vulnerabilities found in widely-used Uninterruptible Power Supplies could allow attackers to bypass security features and remotely take over or damage critical industrial, medical, and enterprise devices

20:27
TLStorm, armis, UPS, APC, prnewswire, 2022, EN, vulnerability
EU and UK launch antitrust investigation into Google and Meta’s adtech dealings - The Verge

They’re accused of colluding to carve up the advertising market between them

11:33
theverge, EU, UK, EN, 2022, antitrust, investigation, Google, Meta, advertising, adtech, legal
BRANCH HISTORY INJECTION

On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks
BHI (or Spectre-BHB) is a revival of cross-privilege Spectre-v2 attacks on modern systems deploying in-hardware defenses. And we have a very neat end-to-end exploit leaking arbitrary kernel memory on modern Intel CPUs to prove it (PoC||GTFO right?).

10:09
vusec, 2022, EN, analysis, spectre, exploit, speculative, cross-privilege, attack
Denmark: Datatilsynet publishes guidance on use of cloud technologies

The Danish data protection authority ('Datatilsynet') announced, on 9 March 2022, that it had published a new guide on the use of cloud services, as well as a short overview of frequently asked questions ('FAQs'). In particular, the Datatilsynet stated that the new guide is targeted at data controllers and notes the considerations which data controllers must keep in mind when using a cloud service, including an outline of the pitfalls, opportunities, and obligations that arise when using such technologies.
Document PDF

09:24
Denmark, dataguidance, EN, 2022, guidance, cloud, privacy, legal, EU, Datatilsynet