Transcend Information Inc. (Transcend ), a leading global manufacturer of memory storage solutions, announces the launch of its new CFX735 and CFX735I CFast cards. These cards feature built-in write protection technology, designed specifically for professional applications that require secure data storage and stable, high-performance write capabilities.

Leveraging 112-layer 3D NAND flash technology and a SATA III 6 Gb/s interface, this series offers exceptional read/write speeds and large storage capacities. Whether you're dealing with data-intensive applications or operating in demanding environments, these cards deliver reliable performance. The CFX735 operates in a temperature range of -5°C to 70°C, while the CFX735I is built for extreme environments, functioning reliably from -40°C to 85°C, perfect for outdoor and temperature fluctuating scenarios.

The CHERI Alliance CIC (Community Interest Company) today announced its official launch and the expansion of its membership, welcoming Chevin Technology (UK), Critical Technologies (USA), the Defence Science and Technology Laboratory (DSTL, UK), Google (USA), Light Momentum Technology Corporation (Taiwan), National Cyber Security Centre (NCSC, a part of GCHQ, UK), Parvat Infotech (India), SRI International (USA), TechWorks (UK), Trusted Computer Center of Excellence (USA), the University of Birmingham (UK), and the University of Glasgow (UK) as founding members.

Founded to unite hardware security leaders and system developers, the CHERI Alliance aims to establish CHERI (Capability Hardware Enhanced RISC Instructions) as the new standard for memory safety and scalable software compartmentalization.

Kensington, a worldwide leader of desktop computing and mobility solutions for IT, business, and home office professionals, is greatly enhancing the visual productivity of MacBook users with today's launch of the SD5900T EQ Thunderbolt 4 Quad 4K 40 Gbps Dock with DisplayLink Technology.

Ideal for busy professionals juggling multiple tasks and projects, the powerful and stylish dock unlocks the full potential of the MacBook by providing support for up to four external displays, 40 Gbps data transfer speeds, up to 100 W (96 W certified) charging for the MacBook and connected accessories, and a 16-in-1 design. Optimized to support MacBook running macOS 11 or above, the SD5900T leverages the power of Thunderbolt 4 and DisplayLink technology to expand the user's visual workspace, boost productivity, and provide a future-proof solution for the MacBook workstation.

AMI, the global leader in Dynamic Firmware for worldwide computing, has partnered with Samsung Electronics, the global leader in consumer technology, to create an enhanced joint security solution available in Samsung's Galaxy Book PCs. Alongside Samsung's multi-layer security platform Samsung Knox, AMI's Tektagon - the industry-leading Platform Root of Trust firmware security solution - is now integrated into Samsung PCs including the Galaxy Book5 Pro 360, Galaxy Book4 Pro, Galaxy Book4 Pro 360, and Galaxy Book4 Ultra.

Through this collaborative partnership, AMI's Tektagon seamlessly integrates with Samsung Knox to ensure that confidential and sensitive data stays safe at every layer of the device through real-time threat detection and collaborative protection, while providing the highest level of security against firmware-injected malware to help prevent ransomware and denial of service attacks.

A new vulnerability was recently discovered in a widely used print server that is installed by default on many Linux and Unix-based systems with a graphical user interface. The primary attack vector for the vulnerability is the CUPS (Common Unit Printing System) print scheduler, specifically cups-browsed, and has the potential to execute code remotely with zero user interaction required.

The vulnerability has reportedly been given a CVSS score of 9.9 by RHEL and Canonical, although this score is hotly debated, with some arguing it should have a lower score, because, although code can be remotely downloaded to the system, it cannot be executed without user intervention. Fortunately, there is no evidence of the vulnerability having been exploited, although the disclosure was leaked online ahead of a planned private reveal in October, prompting the developer that discovered the vulnerability to post the full explanation in a write-up on their blog. This being the case, the vulnerability could very well start being exploited by malicious actors.

The Bluetooth Special Interest Group (SIG), the organization that oversees Bluetooth technology, announced the release of Bluetooth Channel Sounding, a new secure, fine-ranging feature that promises to enhance the convenience, safety, and security of Bluetooth connected devices. By enabling true distance awareness in billions of everyday devices, Bluetooth Channel Sounding opens countless possibilities for developers and users alike.

"Bluetooth technology has become an ingredient of everyday life," said Neville Meijers, CEO, Bluetooth Special Interest Group. "When connected devices are distance-aware, a range of new possibilities emerge. Adding true distance awareness to Bluetooth technology exemplifies the ongoing commitment of the Bluetooth SIG community to continuously enhance our connection with our devices, one another, and the world around us."

Multiple users have recently reported that the August 13 Windows 11 update causes issues with dual-boot Linux/Windows configurations. However, the issues are actually related to changes in UEFI Secure Boot Advanced Targeting (SBAT) policies. The issue stems from Microsoft enforcing SBAT and revoking old, exploitable certificates. Many Linux distributions use self-signed UEFI shims, which are no longer allowed due to known exploits. The new update revokes the SBAT certificates on affected, known exploitable versions of GRUB shipped with some Linux distributions. This can result in error messages like "Verifying shim SBAT data failed: Security Policy Violation" or "Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation." To resolve this issue, Linux users need to update GRUB or disable the SBAT policy on the Linux side.

It's important to note that this is not primarily a Microsoft problem, but rather a necessary security update that affects some Linux distributions using outdated or vulnerable bootloaders. For more information on SBAT revocations and the boot process, users can refer to the Ubuntu Discourse here. This problem particularly impacts software developers and gaming enthusiasts who rely on dual-boot setups. As always, it's good practice for users to back up their data before performing any system updates. Considering alternatives like using virtual machines is also a good choice for users relying on older Linux distributions.

QNAP Systems, Inc. today officially announced the release of the QTS 5.2 NAS operating system. A standout feature of this release is the debut of Security Center, which actively monitors file activities and thwarts ransomware threats. Additionally, system security receives a boost with the inclusion of support for TCG-Ruby self-encrypting drives (SED). Extensive optimizations have been implemented to streamline operations, configuration, and management processes, significantly elevating the overall user experience.

"We greatly appreciate the invaluable feedback provided by our dedicated QTS 5.2 beta testers, which has been instrumental in putting the finishing touches on this official release," said Tim Lin, Product Manager of QNAP, adding "QNAP remains committed to ensuring our data storage and management solutions stay current, offering dependable NAS storage solutions that meet the heightened expectations of today's users."

ESR, the leading brand for mobile accessories and the #1 brand for MagSafe accessories, proudly announces the launch of its latest innovation: the Cyber FlickLock Case for AirPods. This new product sets a benchmark in AirPod protection, combining ESR's exclusive FlickLock safety lock design with advanced features that enhance both security and usability.

Unmatched Security with FlickLock Lock System
The Cyber FlickLock case showcases ESR's new proprietary FlickLock safety lock, ensuring your AirPods always remain secure. The case lid is designed with a total of 7 strong magnets on the upper and lower sides, providing a powerful magnetic strength of 1480 g. The entire body is crafted from resilient TPU + PC materials, fortified with Air Guard corners that offer dual-layer shock absorption. This design provides robust drop-proof protection, safeguarding your AirPods from everyday impacts.

Zyxel Networks, a leader in delivering secure, AI-powered cloud networking solutions, has announced the launch of its USG LITE 60AX - an AX6000 WiFi 6 security router - an all-in-one unified security gateway appliance designed for small to medium businesses (SMBs), teleworkers and managed service providers (MSPs).

Providing uncompromising, subscription-free protection against online threats, fast WiFi connectivity and effortless cloud management, the USG LITE 60AX also sets an industry-leading standard for eco-friendliness, with a casing that is 95%-made from post-consumer recycled (PCR) plastic. This delivers an 81% reduction in CO2 emissions compared to ABS plastic. Zyxel Networks has also used 100% halogen-free, soy-based inks in all packaging and with a 40% reduction in the volume of packaging used, shipment is made easier, meaning less waste and supporting businesses in achieving their sustainability goals.

AMD has announced a new bug bounty program with prizes for individuals and public researchers. The company is partnering with the cloud security provider Intigriti on this new "bugs hunting campaign", this time, they have a better reward system with up to $30,000 in cash up for grab, while more people can take part. Bug bounties are not new in the industry, with modern hardware, bugs and issues have increased, this being a good way for companies to find vulnerabilities without spending too much on detection.

Individuals look for bugs, and then send a report to the company describing the bug and its impacts, AMD then gives prizes to the hunters based on factors like bug severity. It will be at least interesting to see what happens with AMD's new bug bounty program since public researchers can now take part.

(Eligible list with products and technologies below)

Zyxel Networks' firewall solutions have been awarded Champion status in the latest Professional User Ratings (PUR) survey covering security solutions from techconsult - the renowned independent German research and analysis organisation, and part of the Heise Group.

More than 3,500 security experts from user organisations took part in techconsult's Professional User Rating: Security Solutions 2024 survey. They were asked to rate products and services in a number of areas, with vendors subsequently ranked on the basis of their Solution/Technology Excellence and Company Excellence. Zyxel Networks was one of only eight vendors to achieve the top 'Champion' status, having received the highest overall Solution/Technology Excellence rating and the fourth-highest Company Excellence ranking.

QNAP Systems, Inc. is committed to enhancing the security of its products by engaging in international collaborations. Recently, the company participated in the Pwn2Own Toronto 2023 competition organized by Trend Micro's Zero Day Initiative (ZDI), resulting in valuable experiences and achievements. QNAP will continue to deepen its cooperation with international cybersecurity organizations to continuously improve product security, ensuring the best protection for users' data.

Pwn2Own is a global cybersecurity competition organized by ZDI aimed at challenging security vulnerabilities in various software and hardware. Participants utilize various techniques, including exploit and zero-day attacks, to breach target systems. This competition not only provides a platform for security experts to showcase their skills but also enables vendors to understand and address security vulnerabilities in their products, benefiting users worldwide.

The US government is investigating the potential national security risks associated with China's involvement in the development of open-source RISC-V chip technology. According to a letter obtained by Reuters, the Department of Commerce has informed US lawmakers that it is actively reviewing the implications of China's work in this area. RISC-V, an open instruction set architecture (ISA) created in 2014 at the University of California, Berkeley, offers an alternative to proprietary and licensed ISAs like those developed by Arm. This open-source ISA can be utilized in a wide range of applications, from AI chips and general-purpose CPUs to high-performance computing applications. Major Chinese tech giants, including Alibaba and Huawei, have already embraced RISC-V, positioning it as a new battleground in the ongoing technological rivalry between the United States and China over cutting-edge semiconductor capabilities.

In November, a group of 18 US lawmakers from both chambers of Congress urged the Biden administration to outline its strategy for preventing China from gaining a dominant position in RISC-V technology, expressing concerns about the potential impact on US national and economic security. While acknowledging the need to address potential risks, the Commerce Department noted in its letter that it must proceed cautiously to avoid unintentionally harming American companies actively participating in international RISC-V development groups. Previous attempts to restrict the transfer of 5G technology to China have created obstacles for US firms involved in global standards bodies where China is also a participant, potentially jeopardizing American leadership in the field. As the review process continues, the Commerce Department faces the delicate task of balancing national security interests with the need to maintain the competitiveness of US companies in the rapidly evolving landscape of open-source chip technologies.

JEDEC Solid State Technology Association, the global leader in standards development for the microelectronics industry, today announced publication of the JESD79-5C DDR5 SDRAM standard. This important update to the JEDEC DDR5 SDRAM standard includes features designed to improve reliability and security and enhance performance in a wide range of applications from high-performance servers to emerging technologies such as AI and machine learning. JESD79-5C is now available for download from the JEDEC website.

JESD79-5C introduces an innovative solution to improve DRAM data integrity called Per-Row Activation Counting (PRAC). PRAC precisely counts DRAM activations on a wordline granularity. When PRAC-enabled DRAM detects an excessive number of activations, it alerts the system to pause traffic and to designate time for mitigative measures. These interrelated actions underpin PRAC's ability to provide a fundamentally accurate and predictable approach for addressing data integrity challenges through close coordination between the DRAM and the system.

Blink, an Amazon company, today announced the next-generation Blink Mini 2. The new Blink camera packs a punch in a compact, weather-resistant design that can now be used indoors or outdoors with the purchase of the new Blink Weather Resistant Power Adapter (sold as part of a bundle or separately). Blink Mini 2 offers enhanced image quality with improved low light performance, a wider field of view, and a built-in LED spotlight for night view in color. Powered by the company's custom-built chip, Blink Mini 2 utilizes on-device computer vision (CV) to support smart notifications, including person detection, which is available with a Blink Subscription Plan (sold separately).

"It is clear customers love Blink—in fact, the Blink business has grown 5x over the last four years," said Liz Hamren, chief executive officer at Blink. "We are building on this momentum with the addition of Mini 2 to Blink's affordable and easy-to-use suite of devices. Mini 2 was rebuilt from the inside out, keeping everything customers expect from Blink while adding even more utility through features like person detection, all at an incredible price point."

We have provided an update on the nation-state attack that was detected by the Microsoft Security Team on January 12, 2024. As we shared, on January 19, the security team detected this attack on our corporate email systems and immediately activated our response process. The Microsoft Threat Intelligence investigation identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as NOBELIUM. As we said at that time, our investigation was ongoing, and we would provide additional details as appropriate.

In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company's source code repositories and internal systems. To date we have found no evidence that Microsoft-hosted customer-facing systems have been compromised. It is apparent that Midnight Blizzard is attempting to use secrets of different types it has found. Some of these secrets were shared between customers and Microsoft in email, and as we discover them in our exfiltrated email, we have been and are reaching out to these customers to assist them in taking mitigating measures. Midnight Blizzard has increased the volume of some aspects of the attack, such as password sprays, by as much as 10-fold in February, compared to the already large volume we saw in January 2024.

2024 will be the year generative AI gets personal, the CEOs of NVIDIA and HP said today in a fireside chat, unveiling new laptops that can build, test and run large language models. "This is a renaissance of the personal computer," said NVIDIA founder and CEO Jensen Huang at HP Amplify, a gathering in Las Vegas of about 1,500 resellers and distributors. "The work of creators, designers and data scientists is going to be revolutionized by these new workstations."

Greater Speed and Security
"AI is the biggest thing to come to the PC in decades," said HP's Enrique Lores, in the runup to the announcement of what his company billed as "the industry's largest portfolio of AI PCs and workstations." Compared to running their AI work in the cloud, the new systems will provide increased speed and security while reducing costs and energy, Lores said in a keynote at the event. New HP ZBooks provide a portfolio of mobile AI workstations powered by a full range of NVIDIA RTX Ada Generation GPUs. Entry-level systems with the NVIDIA RTX 500 Ada Generation Laptop GPU let users run generative AI apps and tools wherever they go. High-end models pack the RTX 5000 to deliver up to 682 TOPS, so they can create and run LLMs locally, using retrieval-augmented generation (RAG) to connect to their content for results that are both personalized and private.

Cyberattacks are an existential risk, with 89% of organizations ranking ransomware as one of the top five threats to their viability, according to a November 2023 report from TechTarget's Enterprise Strategy Group, a leading analyst firm. And this is just one of many risks to corporate data—insider threats, data exfiltration, hardware failures, and natural disasters also pose significant danger. Moreover, as the just-released 2024 IBM X-Force Threat Intelligence Index states, as the generative AI market becomes more established, it could trigger the maturity of AI as an attack surface, mobilizing even further investment in new tools from cybercriminals. The report notes that enterprises should also recognize that their existing underlying infrastructure is a gateway to their AI models that doesn't require novel tactics from attackers to target.

To help clients counter these threats with earlier and more accurate detection, we're announcing new AI-enhanced versions of the IBM FlashCore Module technology available inside new IBM Storage FlashSystem products and a new version of IBM Storage Defender software to help organizations improve their ability to detect and respond to ransomware and other cyberattacks that threaten their data. The newly available fourth generation of FlashCore Module (FCM) technology enables artificial intelligence capabilities within the IBM Storage FlashSystem family. FCM works with Storage Defender to provide end-to-end data resilience across primary and secondary workloads with AI-powered sensors designed for earlier notification of cyber threats to help enterprises recover faster.

IBM has announced IBM LinuxONE 4 Express, extending the latest performance, security and AI capabilities of LinuxONE to small and medium sized businesses and within new data center environments. The pre-configured rack mount system is designed to offer cost savings and to remove client guess work when spinning up workloads quickly and getting started with the platform to address new and traditional use cases such as digital assets, medical imaging with AI, and workload consolidation.

Building an integrated hybrid cloud strategy for today and years to come
As businesses move their products and services online quickly, oftentimes, they are left with a hybrid cloud environment created by default, with siloed stacks that are not conducive to alignment across businesses or the introduction of AI. In a recent IBM IBV survey, 84% of executives asked acknowledged their enterprise struggles in eliminating silo-to-silo handoffs. And 78% of responding executives said that an inadequate operating model impedes successful adoption of their multicloud platform. With the pressure to accelerate and scale the impact of data and AI across the enterprise - and improve business outcomes - another approach that organizations can take is to more carefully identify which workloads should be on-premises vs in the cloud.

New York-based security firm Trail of Bits has identified a security vulnerability with various GPU models, which include AMD, Qualcomm, and Apple. This vulnerability, named LeftoverLocals, could potentially allow attackers to steal large amounts of data from a GPU's memory. Mainstream client-GPUs form a sizable chunk of the hardware accelerating AI and LLMs, as they cost a fraction of purpose-built data-center GPUs, and are available in the retail market. Unlike CPUs, which have undergone extensive hardening against data leaks, GPUs were primarily designed for graphics acceleration and lack similar data privacy architecture. To our knowledge, none of the client GPUs use virtualization with their graphics memory. Graphics acceleration in general is a very memory sensitive application, and requires SIMD units to have bare-metal access to memory, with as little latency as possible.

First the good news—for this vulnerability to be exploited, it requires the attacker to have access to the target device with the vulnerable GPU (i.e. cut through OS-level security). The attack could break down data silos on modern computers and servers, allowing unauthorized access to GPU memory. The potential data breach could include queries, responses generated by LLMs, and the weights driving the response. The researchers tested 11 chips from seven GPU makers and found the vulnerability in GPUs from Apple, AMD, and Qualcomm. While NVIDIA, Intel, and Arm first-party GPUs did not show evidence of the vulnerability, Apple, Qualcomm, and AMD confirmed to wired that their GPUs are affected, and that they're working on a security response. Apple has released fixes for its latest M3 and A17 processors, but older devices with previous generations of Apple silicon remain vulnerable. Qualcomm is providing security updates, and AMD plans to offer mitigations through driver updates in March 2024.

ASUS today announced the RT-AX57 Go tri-mode travel router, a dual-band model that offers ultra-fast WiFi 6 up to 3,000 Mbps. It provides tri-mode connectivity for travel, work and home, including 4G and 5G mobile tethering, public WiFi mode (WISP), router mode, subscription-free security and multiple VPN features. With support for 160 MHz WiFi channels, RT-AX57 Go can also support up to 70 devices, four times the capacity of previous models.

Frequent travelers often face situations where no WiFi is available. The RT-AX57 Go can provide an easy and secure connection through the mobile hotspot feature that can share WiFi with multiple devices. Travelers may also experience a limit on the number of devices that can connect to hotel or airport WiFi, and expensive connection fees. RT-AX57 Go can help sidestep these hassles by letting users easily set up private WiFi connections anywhere, whether in a hotel room, on a cruise ship, at an airport terminal, or even a recreational vehicle at a camp site.

Phison Electronics Corp., a global leader in NAND flash controller and storage solutions, today announced the company's predictions for 2024 trends in NAND flash infrastructure deployment. The company predicts that rapid proliferation of artificial intelligence (AI) technologies will continue apace, with PCIe 5.0-based infrastructure providing high-performance, sustainable support for AI workload consistency as adoption rapidly expands. PCIe 5.0 NAND flash solutions will be at the core of a well-balanced hardware ecosystem, with private AI deployments such as on-premise large language models (LLMs) driving significant growth in both everyday AI and the infrastructure required to support it.

"We are moving past initial excitement over AI toward wider everyday deployment of the technology. In these configurations, high-quality AI output must be achieved by infrastructure designed to be secure, while also being affordable. The organizations that leverage AI to boost productivity will be incredibly successful," said Sebastien Jean, CTO, Phison US. "Building on the widespread proliferation of AI applications, infrastructure providers will be responsible for making certain that AI models do not run up against the limitations of memory - and NAND flash will become central to how we configure data center architectures to support today's developing AI market while laying the foundation for success in our fast-evolving digital future."

Chinese chipmaker Montage Technology has unveiled new data center processors under its Jintide brand based on Intel's latest Emerald Rapids Xeon architecture. The 5th generation Jintide lineup offers anywhere from 16-core to 48-core options for enterprise customers needing advanced security specific to China's government and enterprise requirements. Leveraging a long-running joint venture with Intel, Jintide combines standard high-performance Xeon microarchitectures with added on-die monitoring and encryption blocks, PrC (Pre-check) and DSC (Dynamic Security Check), which are security-hardened for sensitive Chinese use cases. The processors retain all core performance attributes of Intel's vanilla offerings thanks to IP access, only with extra protections mandated by national security interests. While missing the very highest core counts, the new Jintide chips otherwise deliver similar Emerald Rapids features like 8-channel DDR5-5600 memory, 80 lanes of speedy PCIe 5.0, and elevated clock speeds over 4.0 GHz at peak. The Jintide processors have 2S scaling, which allows for dual-socket systems with up to 96 cores and 192 threads.

Pricing remains unpublished but likely carries a premium over Intel list prices thanks to the localized security customization required. However, with Jintide uniquely meeting strict Chinese government and data regulations, cost becomes secondary for target customers needing compliant data center hardware. After matching lockstep with Intel's last several leading Xeon generations, Jintide's continued iteration highlights its strategic value in enabling high-performance domestic infrastructure as China eyes IT supply chain autonomy. Intel gets expanded access to the growing Chinese server market, while Chinese partners utilize Intel IP to strengthen localized offerings without foreign dependency. It manifests the delicate balance of advanced chip joint ventures between global tech giants and rising challengers. More details about the SKUs are listed in the table below.

EnGenius, a leading innovator in connectivity solutions, is thrilled to announce the launch of its latest product, the XG60-FIT gateway, a solution designed specifically for small businesses' security and networking needs. With the XG60-FIT gateway, small businesses can efficiently manage remote worker networks and branch locations, ensuring secure communication and data protection without needing dedicated IT teams.

Robust Cybersecurity and Seamless Network Performance
The XG60-FIT gateway provides dependable connectivity, efficient security, and easy management. This robust connectivity solution offers high throughput performance and real-time protection for businesses' networks, allowing for collaboration and secure data sharing. Its innovative approach to simplicity makes VPN setup a breeze, enabling quick and secure connections between branches or remote workers with just a few clicks. To enhance network reliability, the gateway features dual-WAN ports for load balancing and failover support, with cellular WAN serving as a backup connection in case of WAN failures. Additionally, it offers multiple gigabit ports and a PoE+ port to power Wi-Fi access points, delivering high-performance Wi-Fi for small businesses, branch offices, and WFH employees.