Subscribe: The Register - Security: ID
http://www.theregister.co.uk/security/identity/headlines.rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
amd  cpu  cpus  data  fix  fixes  intel  malware  meltdown spectre  meltdown  new  patches  security  spectre  systems     
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: The Register - Security: ID

The Register - Security



Biting the hand that feeds IT



Copyright: Copyright 2018, Situation Publishing
 



Hospital injects $60,000 into crims' coffers to cure malware infection

Tue, 16 Jan 2018 23:48:55 GMT

Medics say they couldn't wait for backups to be pulled as ransomware ransacked kit

A US hospital paid extortionists roughly $60,000 to end a ransomware outbreak that forced staff to use pencil-and-paper records.…




Android snoopware Skygofree can pilfer WhatsApp messages

Tue, 16 Jan 2018 17:30:12 GMT

Sophisticated nasty also able to listen in based on location

Mobile malware strain Skygofree may be the most advanced Android-infecting nasties ever, antivirus-flinger Kaspersky Lab has warned.…




UK's Just Eat faces probe after woman tweets chat-up texts from 'delivery guy'

Tue, 16 Jan 2018 14:44:23 GMT

ICO to investigate allegations of driver delivering side order of creepy

A customer of takeaway delivery firm Just Eat has alleged a driver from an eatery used her phone number to ask her for a date.…




New Mirai botnet species 'Okiru' hunts for ARC-based kit

Tue, 16 Jan 2018 11:56:12 GMT

Researchers: Code designed to hit Linux devices

A new variant of the notorious Mirai malware is exploiting kit with ARC processors.…




Canada charges chap alleged to run stolen data-mart Leakedsource

Tue, 16 Jan 2018 01:59:09 GMT

Unlike similar services, this one sold purloined passwords

The Royal Canadian Mounted Police has announced it has cuffed and charged a man for selling stolen identities and passwords at LeakedSource.com.…




Bad benchmarks bedevil boffins' infosec efforts

Tue, 16 Jan 2018 00:58:07 GMT

'Benchmark crimes' understate true performance impact of security controls

A group of operating systems specialists has said that sloppy benchmarking is harming security efforts by making it hard to assess the likely performance impact of security countermeasures.…




Now Meltdown patches are making industrial control systems lurch

Mon, 15 Jan 2018 18:07:07 GMT

Automation and SCADA-flingers admit fix has affected products

Patches for the Meltdown vulnerability are causing stability issues in industrial control systems.…




Customers reporting credit card fraud after using OnePlus webstore

Mon, 15 Jan 2018 13:16:06 GMT

Chinese mobe-flinger probing the issue

A large number of OnePlus customers claim to have been hit by fraudulent credit card transactions after making purchases on the phone company's site. And they're unhappy that the company has been slow to address the issue.…




UK.gov denies data processing framework is 'sinister' – but admits ICO has concerns

Mon, 15 Jan 2018 10:18:09 GMT

Minister says commish is 'free to disregard' framework if it is 'irrelevant'

The government has moved to allay fears over amendments to the Data Protection Bill that critics say could undermine both the law and the powers of the UK’s privacy watchdog.…




Meltdown/Spectre fixes made AWS CPUs cry, says SolarWinds

Mon, 15 Jan 2018 08:37:05 GMT

CPU utilization up, throughput down, but a second fix may have restored normal service

Log-sniffing vendor SolarWinds has used its own wares to chronicle the application of Meltdown and Spectre patches on its own Amazon Web Services infrastructure, and the results make for ugly viewing.…




Oracle still silent on Meltdown, but lists patches for x86 servers among 233 new fixes

Mon, 15 Jan 2018 01:30:08 GMT

Sun ZFS Storage Appliance users: brace for super-critical fix

Oracle still has nothing to say about whether the Meltdown or Spectre vulnerabilities are a problem for its hardware.…




Intel puts security on the todo list, Tavis topples torrent tool, and more

Sat, 13 Jan 2018 10:11:11 GMT

A quick catch-up on infosec stuff beyond what we've already reported

Roundup The security world is still feeling the aftereffects of last week's CPU design flaw disclosures, which continued to dominate the news this week, even amid the noisy CES jamboree in Las Vegas.…




Let's Encrypt plugs hole that let miscreants grab HTTPS web certs for strangers' domains

Sat, 13 Jan 2018 01:40:14 GMT

Shared hosting oversight bites free SSL/TLS certificate org

Let's Encrypt – a SSL/TLS certificate authority run by the non-profit Internet Security Research Group (ISRG) to programmatically provide websites with free certs for their HTTPS websites – on Thursday said it is discontinuing TLS-SNI validation because it's insecure in the context of many shared hosting providers.…




Feds may have to explain knowledge of security holes – if draft law comes into play

Sat, 13 Jan 2018 00:59:28 GMT

House reps approve bill requiring vuln disclosure reports

The US House of Representatives this week approved a bill that, given further legislative and executive branch support, will require the American government to account for its handling of software and hardware vulnerabilities.…




Boffins split on whether Spectre fix needs tweaked hardware

Fri, 12 Jan 2018 17:09:05 GMT

It's not like a recall is possible, says chip security expert

Analysis Processor security experts – including one cited in the Meltdown paper – are split on whether the resolution of the Spectre vulnerability may need to involve hardware modifications or the software defences being rolled out are adequate.…




Intel AMT security locks bypassed on corp laptops – fresh research

Fri, 12 Jan 2018 16:08:05 GMT

Easy as A, B, CTRL+P

Updated Security shortcomings in Intel's Active Management Technology (AMT) can be exploited by miscreants to bypass login prompts on notebook computers.…




Data protection is best managed from the centre

Fri, 12 Jan 2018 14:45:12 GMT

Become the ruler of all you survey

Security people talk of an attack surface to describe exposure to malware and hacking. The bigger the attack surface, the more at risk you are.…




'Mummy, what's felching?' Tot gets smut served by Android app

Fri, 12 Jan 2018 14:00:12 GMT

Google’s Play Store fails again

Researchers have found a batch of over 60 malware-carrying apps in Google's Play Store designed to rob mobile users or show them pornography, all with a kid-friendly theme.…




Intel’s Meltdown fix freaked out some Broadwells, Haswells

Fri, 12 Jan 2018 03:27:03 GMT

Customers say PCs and servers reboot a lot after fixes. Meanwhile, AMD admits to Spectre problems

Intel has warned that the fix for its Meltdown and Spectre woes might have made PCs and servers less stable.…




Brace yourselves for the 'terabyte (sic) of death', warns US army IT boss

Fri, 12 Jan 2018 01:11:50 GMT

Sorry, make that, exiting IT boss

The outgoing head of the Defense Information Systems Agency, which handles computer security for the US Department of Defense, has warned a massive cyber-attack is "looming" at the American military's door.…




Everything running smoothly at the plant? *Whips out mobile phone* Wait. Nooo...

Thu, 11 Jan 2018 13:00:13 GMT

SCADA mobile app security is getting worse

The security of mobile apps that tie in with Supervisory Control and Data Acquisition (SCADA) systems has deteriorated over the last two-and-a-half years, according to new research.…




Ohio coder accused of infecting Macs, PCs with webcam, browser spyware for 13 years

Thu, 11 Jan 2018 01:12:17 GMT

Alleged Fruitfly creator faces decades in prison if guilty

A computer programmer has been accused of hacking, committing identity theft, and creating child pornography after allegedly developing custom malware to take control of thousands of computers.…




Leaky credit report biz face massive fines if US senators get their way

Wed, 10 Jan 2018 20:21:25 GMT

That Equifax hack would have cost the outfit $1.5bn

New legislation introduced in the US Senate by Elizabeth Warren (D-MA) and Mark Warner (D-VA) would result in credit reporting agencies being slapped with stiff fines if they play fast and loose with data security.…




Taiwanese cops give malware-laden USB sticks as prizes for security quiz

Wed, 10 Jan 2018 07:29:07 GMT

What was second prize? We think we'd rather have that

Winners of a security quiz staged by Taiwan's Criminal Investigation Bureau may be wondering why they tried so hard to do well after some of the USB drives handed out as prizes turned out to be wretched hives of malware and villainy.…




Russia claims it repelled home-grown drone swarm in Syria

Wed, 10 Jan 2018 07:02:08 GMT

13 explosively armed but cobbled-together drones swarmed airbase

The Russian Defense Ministry has reported that its forces in Syria have been attacked by a swarm of GPS-guided drones carrying improvised explosives.…




IBM’s complete Meltdown fix won’t land until mid-February

Wed, 10 Jan 2018 05:58:07 GMT

POWER CPU patches available now or next week, AIX and i OS fixes are more than a month off

IBM’s started to release its own patches for the Meltdown mess and the Spectre SNAFU, which it’s half-confirmed impact its hardware and operating systems, but won’t have a complete fix until mid-February.…




Intel, Microsoft confess: Meltdown, Spectre may slow your servers

Wed, 10 Jan 2018 05:02:09 GMT

It's getting hard to deny all the new and sluggish benchmarks

Analysis After spending last week insisting that the performance impact of fixing the Meltdown and Spectre CPU vulnerabilities "should not be significant," Intel on Tuesday tried to maintain that stance even as it acknowledged SYSmark tests assessing post-patch slowdowns ranging from two per cent to 14 per cent.…




Facebook has open-sourced encrypted group chat

Wed, 10 Jan 2018 03:01:07 GMT

Governments hate encrypted chat tools on social media, so brace for outrage in 3 ... 2 ...

Updated Facebook has responded to governments' criticism of cryptography by giving the world an open source encrypted group chat tool.…




CPU bug patch saga: Antivirus tools caught with their hands in the Windows cookie jar

Tue, 09 Jan 2018 23:49:18 GMT

You're fondling our kernel wrong, grumbles Microsoft

Microsoft's workaround to protect Windows computers from the Intel processor security flaw dubbed Meltdown has revealed the rootkit-like nature of modern security tools.…




Don't just grab your CPU bug updates – there's a nasty hole in Office, too

Tue, 09 Jan 2018 22:16:05 GMT

It's 2018 and a Word doc can still pwn your Windows computer

Patch Tuesday In case you've been hiding under a rock for the entirety of this new year (and we don't blame you if you have) there are a handful of major security flaws that have been dominating the news, and feature prominently in this month's Patch Tuesday update load.…




Teach citizens IoT dangers, engineering students cybersecurity, Uncle Sam suggests

Tue, 09 Jan 2018 21:52:25 GMT

Govt also worried about IPv6's impact on online security

The US Department of Commerce (DoC) and Department of Homeland Security have put out a draft cybersecurity report that recommends, among other things, that the American government fund a public awareness campaign on IoT security, and make cybersecurity a compulsory part of future engineering degrees.…




FBI says it can't unlock 8,000 encrypted devices, demands backdoors for America's 'public safety'

Tue, 09 Jan 2018 20:38:47 GMT

Where there's a will, there's a Wray

FBI Director Christopher Wray has picked up where he left off last year with a new call for backdoors in encryption exclusively for law enforcement.…




Barracuda snags email security biz ahead of private equity plunge

Tue, 09 Jan 2018 16:54:05 GMT

There's always a bigger phish

Backup and security biz Barracuda made the largest profit it has seen in more than three and a half years in its third fiscal 2018 quarter, its last as a public company.…




How are the shares, Bry? Intel chief cops to CPU fix slowdowns

Tue, 09 Jan 2018 13:46:07 GMT

Don't worry, Chipzilla is 'working tirelessly' to resolve the issue

Intel's boss has finally admitted software fixes to address the Meltdown and Spectre vulnerabilities in most modern CPUs will incur a performance hit.…




With WPA3, Wi-Fi will be secure this time, really, wireless bods promise

Tue, 09 Jan 2018 08:02:08 GMT

If at first you don't succeed, try (WEP) try (WPA) try (WPA2)...

Wi-Fi security should become a bit less laughable with the pending introduction of the WPA3 protocol this year.…




IBM melts down fixing Meltdown as processes and patches stutter

Tue, 09 Jan 2018 07:25:08 GMT

RHEL servers croaking, reporting in Excel, customer docs in signoff limbo

IBM has scrambled to fix the Meltdown and Spectre bugs, but has struggled to develop processes, reporting tools or reliable patches to get the job done for itself or its clients.…




Meltdown, Spectre bug patch slowdown gets real – and what you can do about it

Tue, 09 Jan 2018 00:45:31 GMT

Chip flaw fixes not so insignificant after all

Analysis Having shot itself in the foot by prioritizing processor speed over security, the chip industry's fix involves doing the same to customers.…




VTech hack fallout: What is a kid's privacy worth? About 22 cents – FTC

Mon, 08 Jan 2018 23:31:10 GMT

Toymaker coughs up $650k after three million youngsters have info swiped

The US Federal Trade Commission (FTC) today agreed to a settlement deal with a children's electronic toymaker it had accused of collecting kids' personal information and then failing to properly secure that data.…




More stuff broken amid Microsoft's efforts to fix Meltdown/Spectre vulns

Mon, 08 Jan 2018 16:32:12 GMT

This is going to take a while

More examples have emerged of security fixes for the Meltdown vulnerability breaking things.…




First shots at South Korea could herald malware campaign of Olympic proportions

Mon, 08 Jan 2018 13:05:11 GMT

Russia, Norks and dog lovers all potential perps, say pundits

A malware campaign has been unleashed against organisations involved with next month's Pyeongchang Winter Olympics.…




Your connection is not Brexit... we mean private: UK Tory party lets security cert expire

Mon, 08 Jan 2018 11:46:07 GMT

Well what do you expect...

Another day, another embarrassing gaffe for the Tories. This time it seems someone forgot to renew the UK Conservative Party's website's security certificate.…




Smartphones' security enhancements just make them more dangerous

Mon, 08 Jan 2018 07:01:05 GMT

Is that incriminating data in your pocket or are you just pleased to see me?

Over the holidays I bought Apple’s newest, shiniest face scanner. For the first fortnight - and periodically since then, that constant lift-and-scan felt weird. As though my smartphone had suddenly become too intimate, too familiar.…




It gets worse: Microsoft’s Spectre-fixer wrecks some AMD PCs

Mon, 08 Jan 2018 06:30:19 GMT

KB4056892 is not your friend if you run an Athlon

UPDATE Microsoft’s fix for the Meltdown and Spectre bugs may be crocking AMD-powered PCs.…




Security hole in AMD CPUs' hidden secure processor code revealed ahead of patches

Sat, 06 Jan 2018 01:58:12 GMT

Googler drops bug bomb in public – but don't panic

Cfir Cohen, a security researcher from Google's cloud security team, on Wednesday disclosed a vulnerability in the fTMP of AMD's Platform Security Processor (PSP), which resides on its 64-bit x86 processors and provides administrative functions similar to the Management Engine in Intel chipsets.…




Qualcomm joins Intel, Apple, Arm, AMD in confirming its CPUs suffer hack bugs, too

Sat, 06 Jan 2018 01:15:23 GMT

Just in time for Friday night

Qualcomm has confirmed its processors have the same security vulnerabilities disclosed this week in Intel, Arm, AMD and IBM CPU cores.…




How to hack Wi-Fi for fun and imprisonment with crypto-mining inject

Fri, 05 Jan 2018 21:57:25 GMT

Turn cafe punters into unwitting coin crafters

Thanks to the ridiculous valuation of Bitcoin and other cryptocurrencies, cryptomining code has become a common mechanism for converting authorized and stolen computing cycles into potential cash.…




Dell EMC patches 3 zero-days in Data Protection Suite

Fri, 05 Jan 2018 16:43:54 GMT

Could combine to 'fully compromise' virtual appliance, researchers warn

Three vulns in Dell EMC’s Data Protection Suite product that can combine to fully compromise a virtual appliance have been patched by the vendor.…




Cisco to release patches for Meltdown, Spectre CPU vulns, just in case

Fri, 05 Jan 2018 11:10:10 GMT

Switchzilla is investigating a whole bunch of products

Cisco is the latest company to prepare patches to tackle the serious security vulnerabilities affecting the majority of CPUs, Meltdown and Spectre.…




Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

Fri, 05 Jan 2018 07:08:13 GMT

Countermeasures to protect apps from attack

Analysis Intel has borne the brunt of the damage from the revelation of two novel attack techniques, dubbed Meltdown and Spectre, that affect the majority of modern CPUs in various ways.…




Microsoft patches Windows to cool off Intel's Meltdown – wait, antivirus? Slow your roll

Thu, 04 Jan 2018 21:09:17 GMT

Check your anti-malware tool unless you like BSoDs

Microsoft has released updates for Windows to block attempts by hackers and malware to exploit the Meltdown vulnerability in Intel x86-64 processors – but you will want to check your antivirus software before applying the fixes.…