cybersecurity news

Dell Laptop Vulnerable, Zero-Trust Migration Pending, WSU Threat Surge

ByBrad Slavin
Dell Laptop Vulnerable, Zero-Trust Migration Pending, WSU Threat Surge
Dell Laptop Vulnerable, Zero-Trust Migration Pending, WSU Threat Surge
/

Hola people! August is here, and so are we! Once again, we bring to you a fresh dose of cybersecurity news to help you combat the increasing threat of cyberattacks. Our ultimate goal is to make you aware of the cyber threats that are currently circulating. The only way you can safeguard your sensitive data from these sophisticated cybercrooks is to educate yourself about the latest cybersecurity trends. 

This week, we are going to discuss the Dell laptop vulnerabilities, the zero-trust initiative being pushed by the US government, and the increased instances of cyberattacks at WSU.

So stay with us and keep reading to secure your data!

cybersecurity trends

Your Dell laptop can be prone to cybersecurity attacks!

If you are a government official, working professional, or cybersecurity expert and own a Dell laptop, here’s something you must know! Millions of Dell laptops, especially those from the Latitude and Precision series, are prone to serious cyber threats. 

Cybercrooks target the Broadcom BCM5820X security chip, which is embedded in Dell’s ControlVault3 firmware. The vulnerabilities, also known as ReVault, enable the threat actors to gain easy access to your biometric data, passwords, and other sensitive details. 

biometric data

Experts believe that the consequence of the ReVault attack on Dell laptops can be severe. The most concerning part about ReVault vulnerabilities is that the device tends to stay compromised even after a complete reinstallation of Windows. 

ReVault also enables threat actors to cause physical attacks on the compromised device. If a threat actor manages to gain physical access to your Dell laptop for a brief period of time, they can conveniently open the chassis and then access the USH board with the help of a custom connector.

A compromised Dell laptop with tampered ControlVault firmware can also be configured in a way that it accepts faulty fingerprint authentications. Researchers have literally used spring onions to unlock a compromised laptop. 

Dell has taken cognizance of the sensitive issue and is working actively with Broadcom to develop firmware updates soon. Dell has already notified its customers about the security concerns. It has also been releasing security patches regularly to keep the users safe.

security concerns

Zero-trust migration is still under consideration to limit threat attack damages

The zero-trust network designs gained popularity during the Biden administration. But the initiative is still being considered under the Trump administration. Government agencies are still being encouraged to deploy the zero-trust system

According to Michael Duffy, the acting federal chief of information security, implementing artificial intelligence in day-to-day operations should be backed by a zero-trust system to ensure complete cybersecurity. Basically, this system creates multiple obstacles for the cybercrooks who manage to break into your device. These hurdles significantly limit the extent of damage by quarantining crucial parts of the network and require a stringent authentication process.

zero-trust architecture

Duffy said that even though the Biden administration is no longer there, zero-trust architecture continues to be an important part of ongoing cybersecurity measures. The Trump administration sees potential in certain cyber priorities that Biden tried to incorporate during his tenure

WSU witnesses a sudden rise in threat attacks just before financial aid disbursements!

The Washington State University (WSU) is experiencing a sudden spike in the instances of cyberattacks just ahead of the financial aid disbursements. As a result, the Information Technology Services (ITS) at WSU has boosted its security efforts. ITS has been deploying improved login as well as authentication processes in order to combat phishing attacks and account takeover risks. These security measures may lead to certain changes in the login process for the WSU community members. They have stated that there is nothing to worry about this minor change in the login process and that it’s just a part of the boosted security protocols.

This is not the first time that cybercrooks have targeted an educational institute. According to Educause, the US has been experiencing a sudden spike in financial aid fraud. Upto 2020, the annual financial aid fraud would result in losses of under $10 million. However, by 2023, the annual losses had hit the $100 million mark.

multifactor authentication

The officials at WSU have urged all the students and other users to stay vigilant and practice cyber hygiene. They have advised users not to share their authentication codes or passwords with anyone else. Deploying multifactor authentication can also help in thwarting the risk of phishing attacks. To boost cybersecurity, many organizations now use DMARC, DKIM, and SPF to prevent email spoofing and phishing. Any suspicious login activity should also be reported as soon as possible. ITS has issued a warning that even a single case of account compromise can lead to malicious redirection of the payroll deposits.

WSU, as well as ITS, have been working in close coordination to prevent any unfortunate malicious incident. However, they believe that every user must act vigilantly to ensure the security mechanism is foolproof.

Similar Posts

Switch From p=quarantine to p=reject in DMARC?

Switch From p=quarantine to p=reject in DMARC?

ByBrad Slavin

It’s no news that domains compliant with DMARC are less vulnerable to becoming targets of phishing-based cyberattacks than the ones not using it. In fact, domains without DMARC enforcement are 4.75x more likely to be the target of spoofing versus domains with DMARC enforcement.  There are 3 DMARC policies and each of them represents an…

No DMARC Record Found? Here’s How to Fix Your Domain’s Email Security

No DMARC Record Found? Here’s How to Fix Your Domain’s Email Security

ByBrad Slavin

In today’s digital landscape, securing your email is more important than ever. If you’ve recently encountered the message “no DMARC record found,” it can feel like a daunting hurdle. But don’t worry—this common issue simply means your domain isn’t protected by DMARC, a key player in email security. Without it, your emails are at risk…

 How does DMARC quarantine work against phishing attempts?

 How does DMARC quarantine work against phishing attempts?

ByBrad Slavin

We’re only five months into 2025, and so far, 3.4 billion phishing emails have been sent on a daily basis.  Every single day, inboxes around the world are flooded with fake messages trying to trick people into clicking fraudulent links or giving up sensitive information. And yes, spam filters do their bit to prevent these…

Why DMARC is Important for Online Business

Why DMARC is Important for Online Business

ByBrad Slavin

Here’s how DMARC is an essential tool for online businesses to protect against rising email threats. Online businesses rely heavily on email communication for various purposes, from customer interactions to marketing campaigns. However, this increased reliance on emails has also made them susceptible to cyber threats like phishing and spoofing. Therefore, the role of DMARC…

Understanding Kimsuky’s Latest Phishing Tactics: Exploiting DMARC “None” Policies

Understanding Kimsuky’s Latest Phishing Tactics: Exploiting DMARC “None” Policies

ByBrad Slavin

News Flash: The infamous North Korean group of hackers — Kimsuky strikes back! Kimsuky is not a new name in the cybersecurity circle, as it is well known for pulling off sophisticated email-based attacks and leveraging social engineering tactics. But this time, they have changed their approach and shifted their focus towards organizations that have DMARC…

Eight Strong Reasons to Use DMARC for Your Business

Eight Strong Reasons to Use DMARC for Your Business

ByBrad Slavin

Email has become a mainstream communication medium for almost all organizations and businesses. However, it has also become a notorious channel for malicious actors to trick organizations into giving out confidential information by spoofing emails. This problem led to the emergence of a crucial solution for email authentication: DMARC. It stands for ‘Domain-based Message Authentication,…