Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs

Hundreds of consumer and enterprise-grade x86 and ARM devices from various vendors, including Intel, Acer, and Lenovo, are potentially vulnerable to bootkits and takeover.


https://www.darkreading.com/endpoint-sec...llions-pcs

North Korea APT Slapped With Cyber Sanctions After Satellite Launch

Sanctions on Kimsuky/APT43 focuses the world on disrupting DPRK regime's sprawling cybercrime operations, expert says.


https://www.darkreading.com/vulnerabilit...ite-launch

Mercado Libre’s Journey to a Public Bug Bounty Program

HackerOne is delighted to announce the launch of Mercado Libre’s Public Bug Bounty Program.


https://www.hackerone.com/customer-stori...bug-bounty

Natural Language Processing (NLP) in AI: Top 9 Use Cases

We’ve all come across Amazon’s Alexa or Apple’s Siri and asked ChatGPT to answer a…

Natural Language Processing (NLP) in AI: Top 9 Use Cases on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.

US govt sanctions North Korea’s Kimsuky hacking group


The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence in support of the country's strategic goals. [...]


https://www.bleepingcomputer.com/news/se...ing-group/

LogoFAIL attack can install UEFI bootkits through bootup logos


Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver bootkits. [...]


https://www.bleepingcomputer.com/news/se...tup-logos/

Windows 10 KB5032278 update adds Copilot AI assistant, fixes 13 bugs


Microsoft has started rolling out its Copilot AI assistant to Windows 10 with the KB5032278 November 2023 non-security preview update for systems running Windows 10, version 22H2. [...]


https://www.bleepingcomputer.com/news/mi...s-13-bugs/

VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks


VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th. [...]


https://www.bleepingcomputer.com/news/se...r-2-weeks/

French government recommends against using foreign chat apps


Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such as Signal, WhatsApp, and Telegram by December 8, 2023, in favor of a French messaging app named 'Olvid.' [...]


https://www.bleepingcomputer.com/news/se...chat-apps/

Hackers use new Agent Raccoon malware to backdoor US targets

A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States, the Middle East, and Africa. [...]


https://www.bleepingcomputer.com/news/se...s-targets/