Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the “most advanced UEFI firmware implant discovered in the wild to date,” adding “the purpose of…

Dublin’s Exergyn pulls in $35M Series A for solution which replaces GHG-causing refrigerants – TechCrunch

Dublin-based Exergyn replaces refrigerants with solid materials, thus reducing the output of greenhouse gases. The technology could be applicable in data centers. The industrial-grade cleantech company has now raised a $35 million (€30 million) Series A round led by Mercuria, an energy and commodities company, and Lacerta Partners, a family office-backed fund. Also participating was…

Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software

Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager (RCM) for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. Tracked as CVE-2022-20649 (CVSS score: 9.0), the vulnerability stems from the fact that the debug mode has…