Public hazard

3 posts with the tag “Public hazard”

UEFIcanhazbufferoverflow: A Phoenix SecureCore vulnerability

Jul 1, 2024

Visual Ehrmanntraut

CEO

A buffer overflow vulnerability has been discovered in the Phoenix SecureCore implementation.

Tags:

• Public hazard
• UEFI
• Vulnerability

polyfill.io domain attempted a supply chain attack

Jun 28, 2024

Visual Ehrmanntraut

CEO

The polyfill (dot) io domain that’s been used in more than 100000 sites has attempted a supply chain attack.

Tags:

• Public hazard
• Supply chain attack
• Malware

GoFetch: A side-channel attack on Apple Silicon

Mar 23, 2024 - Last update: Sep 5, 2024

Visual Ehrmanntraut

CEO

An attack that exploits the memory-dependent prefetchers to extract cryptographic keys.

Tags:

• Public hazard
• Vulnerability
• Apple Silicon