GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks

A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU […]

What are Service Accounts, and Why are They Important to Secure?

Originally published by Astrix.What are service accounts?Service Accounts are Non-Human Identity accounts used by machines or apps to communicate with one another within a system, unlike user or human accounts.Service Accounts, using machine credentials, provide privileged identities and permissions for applications, scripts, services, or virtual machines to perform tasks or access resources. This allows different […]

Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service

Cybersecurity researchers have discovered two security flaws in Microsoft’s Azure Health Bot Service that, if exploited, could permit a malicious actor to achieve lateral movement within customer environments and access sensitive patient data. The critical issues, now patched by Microsoft, could have allowed access to cross-tenant resources within the service, Tenable said in a new […]