Haythem Elmir

Ilia Luk-Zilberman, the Chief Technical Officer (CTO) of CTS Labs, the company behind yesterday’s disclosure of 13 vulnerabilities affecting AMD processors, has published an open letter today, explaining his company’s controversial actions that managed to enrage a huge portion of the tech and security research communities. CTS Labs faced a massive […]

Earlier this month, Microsoft announced it would be bundling Intel microcode (BIOS) updates meant to fix the graver version of the Spectre vulnerability as Windows Update packages made available via the Microsoft Update Catalog portal. Yesterday, Microsoft greatly expanded the number of such packages, extending support from the initial Skylake 6th […]

Adobe has patched a set of critical vulnerabilities which can lead to remote code execution, information leaks, and file deletion. On Tuesday, the tech giant’s security advisory noted that the vulnerabilities impact Adobe Flash Player, Adobe Connect, and Adobe Dreamweaver CC. Two vulnerabilities which relate to Flash, a use-after-free flaw (CVE-2018-4919) and […]

SAP released March 2018 SAP Security Patch Day that addresses High and Medium priority vulnerabilities in its products, including three decade-old issues in SAP Internet Graphics Server. March 2018 SAP Security Patch Day includes 10 Security Notes, three rated High priority and 7 rated as Medium priority. The company also released […]

  Hackers allegedly stole hundreds of reports using a security flaw in an online tool used by the police. In normal circumstances, police are the investigating authority but Gwent County Police in the United Kingdom is in hot water and being investigated for not informing complainers that reports they filed have […]

The financial services industry is crucial to the health of the UK economy – accounting for more than a million jobs (double that employed in agriculture, for example) and contributing more than £120 billion in gross value added. The country has a healthy trade surplus of £60 billion-plus in this […]

A critical vulnerability in the Credential Security Support Provider protocol (CredSSP), introduced in Windows Vista and used in all Windows versions since then, can be exploited by MitM attackers to run code remotely on previously uninfected machines and servers in the attacked network. About CredSSP CredSSP provides single sign-on (SSO) […]

MOSQUITO is new technique devised by a team of researchers at Israel’s Ben Gurion University, led by the expert Mordechai Guri, to exfiltrate data from an air-gapped network. The technique leverage connected speakers (passive speakers, headphones, or earphones) to acquire the sound from surrounding environment by exploiting a specific audio chip feature. Once […]