All news with #dell tag

Talos Discloses Multiple Dell, Lasso, GL.iNet Flaws

🔒 Cisco Talos disclosed multiple vulnerabilities across Dell ControlVault, the Entr'ouvert Lasso SAML library, and the GL.iNet Slate AX travel router. Issues range from a hard-coded password and privilege escalation in ControlVault to memory corruption and buffer overflows that can enable arbitrary code execution, a type confusion bug and DoS in Lasso, and an OTA firmware downgrade in GL.iNet. Vendors have issued patches under Cisco’s disclosure policy and Snort rule updates are available to detect exploitation. Administrators should apply vendor updates, verify OTA integrity mechanisms, and deploy IDS signatures promptly.

Microsoft Defender Bug Triggers False BIOS Update Alerts

⚠️ Microsoft is addressing a logic bug in Microsoft Defender for Endpoint that causes some Dell devices' BIOS firmware to be incorrectly marked as outdated, prompting unnecessary update alerts to users. The company says a fix has been developed and is being prepared for deployment, but it has not disclosed the regions or number of customers affected. Microsoft also recently resolved macOS black screen crashes linked to a deadlock in the Apple enterprise security framework and has been correcting several anti-spam and machine-learning false positives impacting Teams and Exchange Online.

Top Cyber Recovery Vendors and Platform Capabilities

🔒 Ineffective recovery processes and increasingly sophisticated ransomware are driving adoption of Cyber Recovery approaches that isolate and validate backups before restoring systems. Modern platforms combine immutable snapshots, sandboxed restores, and automated forensics with AI/ML-based detection to identify safe restore points and reduce downtime. Vendors highlighted include Acronis, Cohesity, Commvault, Dell, Druva, Rubrik, Veeam, Zerto.

CrowdStrike Secures AI Across the Enterprise with Partners

🔒 CrowdStrike describes how the Falcon platform delivers unified visibility and lifecycle defense across the full AI stack, from GPUs and training data to inference pipelines and SaaS agents. The post highlights integrations with NVIDIA, AWS, Intel, Dell, Meta, and Salesforce to extend protection into infrastructure, data, models, and applications. It also introduces agentic defense via Charlotte AI for autonomous triage and rapid response, and emphasizes governance controls to prevent data leaks and adversarial manipulation.

ReVault: Deep Analysis of Dell ControlVault3 Firmware

🔒 This deep-dive by Philippe Laulheret (Talos) dissects Dell's ControlVault3 ecosystem, exposing firmware decryption, memory-corruption flaws, and exploit chains that cross the device/host boundary. The researchers recovered hardcoded keys, reverse-engineered the SCD/SMAU update mechanism, and achieved arbitrary code execution in firmware, enabling persistence and a demonstrated Windows Hello bypass. Practical attacks include forging SCD blobs, backdooring firmware to escalate to SYSTEM, and physically extracting the USH board over USB for rapid compromise.

ReVault: Vulnerabilities in Dell ControlVault3 Firmware

🔒 Talos disclosed five vulnerabilities in Dell ControlVault3 firmware and its Windows APIs, collectively named ReVault. The flaws affect more than 100 Latitude and Precision models and can enable persistent firmware implants that survive OS reinstalls. Attackers with local or physical access may bypass biometric authentication or escalate to Admin/System level. Apply Dell firmware updates and recommended mitigations without delay.

Engineering Firm Exposes Critical Infrastructure Data

⚠️ UpGuard discovered a public rsync repository exposing data from Power Quality Engineering (PQE), including client inspection reports, infrared imagery and plaintext internal passwords. The July 2017 exposure allowed downloads of hundreds of gigabytes via port 873 and revealed schematics for clients such as Dell, Oracle, Texas Instruments, and the City of Austin, including a SCIF layout. PQE secured the server after notification; the incident highlights the large risk of simple misconfigurations and third‑party vendor failures.