Signal: Unsere Push-Benachrichtigungen zeigen Spionen nichts
Heise Security 12.12.2023 22:33
Geheimdienste sammeln Daten aus Push-Benachrichtigungen von Android und iPhone. Beim Signal-Messenger ist da wenig zu holen, sagt die Stiftung.
Kyivstar: Hacker legen größten Mobilfunkanbieter der Ukraine lahm
Spiegel Online 12.12.2023 15:13
Eine »mächtige« Hackerattacke hat das Netz des größten ukrainischen Mobilfunkproviders Kyivstar kollabieren lassen, 24 Millionen Kunden sind betroffen. Es war nicht der einzige Cyberangriff des Tages.
New Windows/Linux Firmware Attack
Schneier on Security 12.12.2023 13:01
Interesting attack based on malicious pre-OS logo images:
LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux….
The vulnerabilities are the subject of a coordinated mass disclosure released Wednesday. The participating companies comprise nearly the entirety of the x64 and ARM CPU ecosystem, starting with UEFI suppliers AMI, Insyde, and Phoenix (sometimes still called IBVs or independent BIOS vendors); device manufacturers such as Lenovo, Dell, and HP; and the makers of the CPUs that go inside the devices, usually Intel, AMD or designers of ARM CPUs……