A vulnerability in the driver allows you to elevate privileges on the system and disable security solutions.
Millions of HP OMEN Laptops and Gaming Desktops are at risk of cyberattacks due to a Severe Vulnerability (CVE-2021-3437). Exploiting the problem allows attackers to cause a denial of service state or to elevate privileges on the system and disable security solutions.
The problem is in the driver used by the OMEN Gaming Hub software. The software is preinstalled on all HP OMEN desktops and notebooks. The vulnerability stems from HP’s decision to use vulnerable code copied in part from WinRing0.sys (an open source driver) to create the HpPortIox64.sys driver that the OMEN Gaming Hub software uses to read and write kernel memory, PCI configurations, input ports, and output and Model-specific register.
The vulnerability affects HP OMEN Gaming Hub versions prior to 220.127.116.11 and HP OMEN Gaming Hub SDK Package versions prior to 1.0.44. The issue affects OMEN and HP Pavilion gaming laptops and HP ENVY, HP Pavilion and OMEN desktop gaming systems.
The OMEN Gaming Hub can be used to enhance your gaming experience by overclocking, optimizing system settings for different game profiles, adjusting the lighting of your gaming devices and accessories, and more.Considering that the software can also be downloaded from the Microsoft Store and installed on any computer running Windows 10 with peripheral accessories marketed under the HP OMEN brand, the problem affects millions of computers worldwide.
By elevating privileges to SYSTEM on HP OMEN devices, attackers can easily disable security solutions, overwrite system components with malicious data, damage the underlying operating system, or perform any other malicious action of their choice.
HP has released fixes for this vulnerability.
Hacker Hacked Fast Company’s Apple News Account and Spread Racist Messages
An unknown hacker was able to access the business publication Fast Company’s Apple News account and sent out a series of obscene and racist messages via push notifications. Subscribers are the victims.
Fast Company confirmed the hack, and so did Apple. The incident is currently under investigation.
“Fast Company’s Apple News account was hacked Tuesday night. After that, two push notifications with obscene and racist content were sent with a minute interval. The messages are disgusting and do not match Fast Company content. We are investigating the incident and have also paused feed updates and closed FastCompany.com until we are confident the situation has been resolved.“, – noted in the publication.
Shortly before the shutdown, the hacker himself posted an entire article on the Fast Company website, where he described in detail how he managed to bypass the protection. It turned out that the accounts on the site were protected by the same password, this also applies to the account of the site administrator. Having gained access to them, the hacker was able to get to the authentication tokens and log in to Apple News.
At the same time, in addition to hooliganism, no financial losses or manipulations were recorded.
Young hacker who leaked GTA 6 material denies his guilt
The 17-year-old hacker, who was previously arrested in the UK on suspicion of hacking Rockstar Games and Uber, has pleaded not guilty. According to police, he appeared in court over the weekend, but refused to plead guilty to PC misuse. At the same time, he admitted that he violated the conditions of release on bail. Now he is being held in a juvenile detention center.
According to investigators, the 17-year-old is part of the Lapsus$ hacker group and is behind the recent leak of videos and other details of the $2 billion GTA 6 game.
Earlier, a hacker under the nickname teapotuberhacker published an archive with video and source code from an early version of GTA 6, which has already gone viral. Take-Two tried to stop the spread of the leak, but it was only partially successful.
The hacker also said that it was he who attacked the Uber computer system, gaining access to correspondence, email addresses, and so on.
At the moment, the investigation is ongoing, so it is not yet clear how this story will end.
Cloudflare introduces world’s first eSIM with better security than VPN
Cloudflare has introduced a new solution that may be suitable for smartphone and mobile Internet users. We are talking about an eSIM card called Zero Trust SIM. Its peculiarity is that it provides an increased level of security, reducing the risk of number substitution.
In technical terms, we are talking about the transfer of DNS requests through the Cloudflare gateway, which allows you to protect them from interception and spoofing. Also promised is a check of all intermediate nodes through which the device accesses the Internet.
According to Cloudflare CTO John Graham-Cumming, Zero Trust SIM technology can outperform VPNs and other security systems as it provides cell-level protection.
Zero Trust SIM will launch first in the US, where only a virtual card for iOS and Android will be available at first. When activated, it will bind to a specific device and allow you to protect it. Physical maps are also expected in the future.
The company is also launching Zero Trust for Mobile Operators, an affiliate program for telecom operators that will enable them to offer subscriptions to the services and tools of the Zero Trust platform. In addition, a similar project is expected for the Internet of Things.
AirPods Pro 2 not needed? The original AirPods Pro also got an adaptive transparency mode
Apple has released a beta version of iOS 16.1, which makes available on the original AirPods Pro headphones the adaptive...
Xiaomi’s latest waterproof razor is even more efficient and costs less than $15
Xiaomi has launched the latest Xiaomi Mijia S101 electric shaver with three floating heads, which is offered in China for...
The Asus Zenbook 17 Fold OLED, the world’s first 17.3-inch foldable laptop, goes on sale
Asus announced the start of sales of its flagship Zenbook 17 Fold OLED (UX9702) laptop with a flexible 17.3-inch OLED...
Xiaomi’s latest washing machine for 45 shirts or 12 pairs of jeans goes on sale in China
Xiaomi, which introduced the new Xiaomi Mijia 10 kg front-loading direct drive washing machine earlier this week, has announced that...
Electric Cars5 days ago
Powerful sedan from Geely and Volvo on the Geely Tugella platform with 25 sensors. Lynk & Co 03 entered the Chinese market
Components5 days ago
Ryzen 9 7950X at 6.5 GHz consumes as much as a non-overclocked Core i9-12900K
Components6 days ago
24-inch, Full HD and slim body for $75. Redmi has a new monitor
News7 days ago
4K at 120 fps and 26 MP for $2500. Sony FX30 camera with APS-C sensor will be released on September 28