News Posts matching #Cyber Security

Return to Keyword Browsing

CHERI Alliance Launches with Major Partners Like Google to Address Hardware-Level Cybersecurity

The CHERI Alliance CIC (Community Interest Company) today announced its official launch and the expansion of its membership, welcoming Chevin Technology (UK), Critical Technologies (USA), the Defence Science and Technology Laboratory (DSTL, UK), Google (USA), Light Momentum Technology Corporation (Taiwan), National Cyber Security Centre (NCSC, a part of GCHQ, UK), Parvat Infotech (India), SRI International (USA), TechWorks (UK), Trusted Computer Center of Excellence (USA), the University of Birmingham (UK), and the University of Glasgow (UK) as founding members.

Founded to unite hardware security leaders and system developers, the CHERI Alliance aims to establish CHERI (Capability Hardware Enhanced RISC Instructions) as the new standard for memory safety and scalable software compartmentalization.

Microsoft Reveals Cyberattack & Theft of Internal Source Code

We have provided an update on the nation-state attack that was detected by the Microsoft Security Team on January 12, 2024. As we shared, on January 19, the security team detected this attack on our corporate email systems and immediately activated our response process. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM. As we said at that time, our investigation was ongoing, and we would provide additional details as appropriate.

In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company's source code repositories and internal systems. To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised. It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found. Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures. Midnight Blizzard has increased the volume of some aspects of the attack, such as password sprays, by as much as 10-fold in February, compared to the already large volume we saw in January 2024.

Western Digital My Cloud Service Hacked, Customer Data Under Ransom

Western Digital has declared that its My Cloud online service has been compromised by a group of hackers late last month: "On March 26, 2023, Western Digital identified a network security incident involving Western Digital's systems. In connection with the ongoing incident, an unauthorized third party gained access to a number of the Company's systems. Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts. This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities."

The statement, issued on April 4, continues: "The Company is implementing proactive measures to secure its business operations including taking systems and services offline and will continue taking additional steps as appropriate. As part of its remediation efforts, Western Digital is actively working to restore impacted infrastructure and services. Based on the investigation to date, the Company believes the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data. While Western Digital is focused on remediating this security incident, it has caused and may continue to cause disruption to parts of the Company's business operations."

SSD-Insider++ Promises Ransomware-free SSDs

Over the past couple of years there has been a huge increase in ransomware attacks, and now scientists claim to have a solution that could help protect SSDs from getting encrypted by ransomware. The SSD-Insider++, as the solution has been named, claims to be able to detect ransomware activity and reverse the encryption on the fly.

SSD-Insider++ was developed by a group of engineers from South Korea's Inha University, Daegu Institute of Science and Technology, and the Cyber Security Department at Ewha Womans University (EWU), as well as a researcher from the University of Central Florida in the US. It's a firmware level based protection that looks for patterns of ransomware activity on the drive and stops it before any damage has been done.

Acer Reports Q2 2020 Results: Operating Income NT$2.13 Billion with Record High Margin

Acer Inc. (TWSE: 2353) announced its financial results for the second quarter of 2020: consolidated revenues were NT$65.58 billion; gross profits were NT$7.14 billion with 10.9% margin; operating income was NT$2.13 billion, marking a record high[1] margin of 3.2%; earnings before tax was NT$1.65 billion; and net income was NT$1.20 billion with earnings per share (EPS) of NT$0.40. In the six months ended June 30, 2020, Acer's net income reached NT$1.75 billion, up 57.2% year-on-year (YoY) with EPS of NT$0.58.

In Q2, Acer saw strong business momentum due to work-from-home and distance learning needs in the EMEA (Europe, Middle East, Africa) and Pan America regions, while Pan Asia Pacific continued its recovery from the pandemic lockdown. At the same time, Acer's multiple business engines continued their strong momentum; notable performances in Q2 net income include Acer Cyber Security with 24% growth YoY, Weblink International with 25% growth YoY, and Acer Synergy Tech with 88% growth YoY.

Lenovo Enhances Portfolio of Education Solutions

Today, Lenovo, is announcing updates to its portfolio of education solutions to support schools adopting new curriculums and pedagogy as they head back to class in the Fall during the global health crisis. More than 1 billion students, over 90 percent of the world's learners, have been impacted by school closures in 2020i. In response to disrupted school calendars, educators are implementing distancing learning programs and hybrid learning scenarios - a combination of distance and in-classroom learning. Schools and districts require education-ready devices, more secure platforms, as well as compelling and effective digital content to engage students under changing learning conditions. From purpose-built laptops and tablets, software and content for education to immersive learning with virtual reality (VR) solutions, Lenovo is providing teachers and students the tools needed for schools' expanding digital ecosystems.

And Now, a Cyberattack That Uses Fan Vibrations to Steal Data: Air-ViBeR

Air-ViBeR is a new cyber-security vulnerability that uses changes in your PC's fan vibrations to sneak out data through an elaborate, convoluted method involving more than one compromised device. There is an infinitesimal and purely mathematical chance of this type of cyberattack affecting you, however one can't help but admire the ingenuity behind it, the stuff of Hollywood.

Created by Mordechai Guri at the Cyber Security Research Center at Ben-Gurion University, Israel, Air-ViBeR involves a compromised PC regulating its fan-speeds to alter the PC's acoustics rapidly, to relay data to an Internet-connected listening device, such as a compromised smartphone, which then converts those vibrations into ones and zeroes to transmit to the web. There's no way this method will transmit a your 100-gigabyte C: in a lifetime, let alone the few hours that your smartphone is placed on the same desk as your PC; but the attacker would look for something specific and something that fits within 4 KB (one block, or 32,768 bits). Guri demonstrated his method and wrote a paper on it explaining what he calls "air gap covert channels."
A video presentation by Mordechai Guri follows.

Gryphon Online Safety Releases the Lowest Cost Mesh WiFi Security Router and Parental Control System on the Market

Gryphon Online Safety, Inc. today announced the commercial launch of its new product the Gryphon Guardian, the lowest known entry cost in the market at $119 for an all-in-one mesh WiFi security router and parental control system, making online security and digital parenting accessible to all. Gryphon Guardian is mesh compatible with the original Gryphon. The company is offering an early bird 30% off special between November 28-December 31 2019 direct from Gryphon Online Safety.

Gryphon Online Safety wants to help families protect all of their homes' devices from hacker intrusions, malware threats, to prevent kids from being exposed to inappropriate content, and to equip parents with tools to promote healthy screen time for their children. The company's purpose is to help each person reach their full potential by creating an online environment that is safe, reliable, and enjoyable.

Leading Technology Companies Announce Creation of Cyber Security Research Alliance

Today, leading technology companies announced the creation of the Cyber Security Research Alliance (CSRA). The CSRA is a private, non-profit research consortium formed in response to the growing need for increased public-private collaboration to address complex problems in cyber security. The founding members of the CSRI are Advanced Micro Devices (AMD), Honeywell, Intel Corporation, Lockheed Martin, and RSA/EMC.

President Obama has prioritized cyber threats as one of the most serious economic and national security challenges we face as a nation and a dependency to America's economic prosperity in the 21st century.

Leading Technology Companies Form Cyber Security Research Alliance

Today, leading technology companies announced the creation of the Cyber Security Research Alliance (CSRA). The CSRA is a private, non-profit research consortium formed in response to the growing need for increased public-private collaboration to address complex problems in cyber security. The founding members of the CSRI are Advanced Micro Devices (AMD), Honeywell, Intel Corporation, Lockheed Martin, and RSA/EMC.

President Obama has prioritized cyber threats as one of the most serious economic and national security challenges we face as a nation and a dependency to America's economic prosperity in the 21st century.

CSRA seeks to achieve coordinated industry participation to address national cyber security research and development (R&D) imperatives and bridge the gap between government funded R&D and commercially available products and solutions in cyber security. CSRA will focus on challenges that are bigger than any one company, consortium, sector or nation and ensure that government, industry and academia collaborate on in-depth problem understanding and definition.
Return to Keyword Browsing
Nov 21st, 2024 10:31 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts