Latest news with #CiscoTalos
Yahoo
06-08-2025
- Yahoo
Security flaw found, fixed that could have left millions of Dell laptops vulnerable, researchers say
By AJ Vicens (Reuters) - A flaw in the chips used to secure tens of millions of Dell laptops could have given attackers the ability to steal sensitive data as well as maintain access even after a fresh operating system install, researchers with Cisco Talos said Tuesday.
The previously unreported analysis, validated by Dell in a June security advisory, affected more than 100 models of Dell laptops, according to the company, and targeted a chip in the computer that stores passwords, biometric data and security codes, and installs fingerprint, smartcard and near-field communications drivers and firmware.
There is no indication that the vulnerabilities have been exploited in the wild, according to the researchers, and Dell issued patches for the devices in March, April and May, with an overall security advisory published June 13.
The vulnerabilities are specific to the Broadcom BCM5820X chip used by Dell in its ControlVault security firmware and software. The flaw affects laptop models common in the cybersecurity industry and government settings, according to Philippe Laulheret, the senior vulnerability researcher at Cisco Talos who discovered and led the analysis.
'Sensitive industries that require heightened security when logging in (via smartcard or NFC) are more likely to find ControlVault devices in their environment,' Laulheret wrote in a blog published Tuesday ahead of a presentation of the analysis at the Black Hat security conference in Las Vegas scheduled for August 6.
The findings highlight the need for more security research focused on computer hardware tasked with handling biometrics and other sensitive data, said Nick Biasini, head of outreach at Cisco Talos. 'These concepts of secure enclaves and using biometrics and these various other types of technologies are getting more and more widespread,' Biasini said. 'It's becoming commonplace on devices but it also introduces a new attack surface.'
A spokesperson for Dell said in a statement that the company addressed the issues 'quickly and transparently,' and directed customers to the June 13 advisory. 'As always, it is important that customers promptly apply security updates that we make available and move to supported versions of our products to ensure their systems remain secure,' the spokesperson said. Broadcom declined to comment.


Tom's Guide
06-08-2025
- Tom's Guide
Millions of Dell laptops at risk of attack due to security chip flaw — update your PC right now
Millions of Dell laptops were vulnerable to an attack that would have let potential hackers steal sensitive data and monitor activities thanks to a chip flaw.
As reported by Reuters, Dell has released a fix to address a vulnerability which impacts a chip in many of its laptops that stores biometric data, passwords, security codes and more. The flaw was first discovered by researchers at Cisco Talos. Dell apparently validated this analysis in a June security advisory in which it explained that the flaw affects more than 100 models of the company's laptops.
Fortunately, no one has found indications that the flaw has been exploited in the wild, according to Cisco's researchers. Apparently, Dell issued security patches for the issue starting in March and then into April and May.
The Reuters report says the vulnerable chip was the Broadcom BCM5820X which Dell was using in its 'ControlVault' software. Reuters does note that the laptops using that software are more likely to be used in industries handling sensitive information as it's designed to offer heightened security features.
A Dell spokesperson told Reuters that it addressed the flaw 'quickly and transparently.' 'As always, it is important that customers promptly apply security updates that we make available and move to supported versions of our products to ensure their systems remain secure,' the spokesperson said.
This vulnerability does highlight some of the downsides to keeping biometrics and other sensitive information on your laptop, even with on-device security that is more common today. Fortunately, there are ways to stay safe in addition to installing the latest security patches. For instance, we've put together a list of 12 mistakes that you should avoid making with your computer.
Relevant to today's news, you should make sure you keep your software up to date, especially security patches. Many people don't update out of an unwillingness to interrupt tasks or fear of new bugs and flaws. However, keeping your system updated will help make sure you don't have giant holes in your system. Many of these updates can be automated or scheduled, so make sure you don't avoid them and leave your machine vulnerable.
Likewise, it's always a good idea to make sure that your laptop and other devices are protected against malware and other threats by using one of the best antivirus software suites.
Reuters
05-08-2025
- Reuters
Security flaw found, fixed that could have left millions of Dell laptops vulnerable, researchers say
Aug 5 (Reuters) - A flaw in the chips used to secure tens of millions of Dell (DELL.N) laptops could have given attackers the ability to steal sensitive data as well as maintain access even after a fresh operating system install, researchers with Cisco Talos said Tuesday.
The previously unreported analysis, validated by Dell in a June security advisory, affected more than 100 models of Dell laptops, according to the company, and targeted a chip in the computer that stores passwords, biometric data and security codes, and installs fingerprint, smartcard and near-field communications drivers and firmware.
There is no indication that the vulnerabilities have been exploited in the wild, according to the researchers, and Dell issued patches for the devices in March, April and May, with an overall security advisory published June 13.
The vulnerabilities are specific to the Broadcom (AVGO.O) BCM5820X chip used by Dell in its ControlVault security firmware and software. The flaw affects laptop models common in the cybersecurity industry and government settings, according to Philippe Laulheret, the senior vulnerability researcher at Cisco Talos who discovered and led the analysis.
'Sensitive industries that require heightened security when logging in (via smartcard or NFC) are more likely to find ControlVault devices in their environment,' Laulheret wrote in a blog published Tuesday ahead of a presentation of the analysis at the Black Hat security conference in Las Vegas scheduled for August 6.
The findings highlight the need for more security research focused on computer hardware tasked with handling biometrics and other sensitive data, said Nick Biasini, head of outreach at Cisco Talos. 'These concepts of secure enclaves and using biometrics and these various other types of technologies are getting more and more widespread,' Biasini said. 'It's becoming commonplace on devices but it also introduces a new attack surface.'
A spokesperson for Dell said in a statement that the company addressed the issues 'quickly and transparently,' and directed customers to the June 13 advisory. 'As always, it is important that customers promptly apply security updates that we make available and move to supported versions of our products to ensure their systems remain secure,' the spokesperson said. Broadcom declined to comment.


Tom's Guide
04-08-2025
- Tom's Guide
200,000 passwords, credit card data and more stolen by this dangerous new malware — how to stay safe
Hackers are now using legitimate-looking software and documents to infect unsuspecting users with a new info-stealing malware capable of pilfering your passwords, credit card data and more.
As reported by The Hacker News, this new campaign is believed to be the work of Vietnamese-speaking cybercriminals who have begun deploying the PXA Stealer malware in their attacks. First discovered by security researchers at Cisco Talos, PXA Stealer is an info-stealing malware written in Python. While it was initially used to target government organizations and businesses in the education sector throughout Europe and Asia, the hackers behind this new campaign have shifted their sights to go after ordinary people in the U.S., South Korea, the Netherlands, Hungary and Austria.
So far, SentinelOne has identified 4,000 unique IP addresses across 62 countries that have been infected by the PXA Stealer. What makes this particular malware campaign so dangerous is that, in addition to stealing saved passwords, cookies, credit card info and any other autofill data stored in your browser, as well as data from crypto wallets and popular applications like Discord, the hackers behind it are also using a number of tricks and techniques to avoid detection.
Here's everything you need to know about this new malware campaign along with some tips and tricks to help you avoid falling victim to it.
In this new wave of attacks, the hackers responsible either tricked potential victims into visiting phishing sites or convinced them to download a ZIP file which, in addition to a signed copy of the free Haihaisoft PDF Reader, also contains a malicious dynamic-link library (DLL) file. As SentinelOne's security researchers explain in their report, this malicious DLL file is an essential part of this campaign as it's what allows the PXA Stealer malware to establish persistence via the Windows Registry on infected systems. However, it's also used to download additional malicious components like Windows executables that are hosted remotely on file-sharing sites like Dropbox.
Once the PDF reader is installed and launched, this malicious DLL creates a command line script that tells Microsoft's Edge browser to open a virus-filled PDF file. While the file doesn't actually open and an error message is displayed, the damage is done.
Besides using a free PDF reader as a lure, the hackers behind this campaign are also using a Microsoft Word 2013 executable to distribute the PXA Stealer malware. This executable looks like your standard Word file and comes attached in emails but when opened, it uses a different malicious DLL file to achieve the same end goal: infecting your PC with info-stealing malware.
To get all of this stolen data off of your computer, the hackers behind this campaign are using Telegram as an exfiltration channel. From there, all of those stolen passwords, credit card data and other sensitive personal information are then sold on the dark web for other cybercriminals to use in their own attacks.
Everywhere you turn online these days, there seem to be hackers lurking around the corner waiting to infect your devices with malware in order to steal your data. In this particular campaign, the hackers behind it used either phishing sites or malicious email attachments to trick unsuspecting users. This is why you need to be extra careful when checking your inbox.
Don't just click on any link you see in an email. Instead, you want to hover your mouse over the link to see where it's taking you. If you don't recognize the URL, don't click on the link. Likewise, when it comes to email attachments, you always want to be wary when an unknown sender attaches a file to an email they've sent you. When in doubt, if you don't recognize the sender, don't download the attachment even if it appears to be legitimate at first glance.
Given that the PXA Stealer and other malware strains often target the data you've stored in your browser, you should avoid keeping sensitive information in it when possible. For instance, instead of having your browser store your saved passwords, you should use one of the best password managers instead. The same thing goes for your credit card details and other sensitive information.
While I would normally recommend keeping your PC protected with the best antivirus software, the hackers behind this campaign used all sorts of clever tricks and techniques to avoid having their malware detected. In this case, it's up to you to use your best judgement when clicking on links or downloading files online. Still, it never hurts to use a reliable antivirus to keep you protected from other viruses and threats online.
Given that the PXA Stealer was first used to target governments and educational organizations before regular people, I don't think this is the last we've seen of this info-stealing malware yet. Instead, other hackers may try to use this malware strain in future attacks.