EnGenius, a leading innovator in connectivity solutions, is thrilled to announce the launch of its latest product, the XG60-FIT gateway, a solution designed specifically for small businesses' security and networking needs. With the XG60-FIT gateway, small businesses can efficiently manage remote worker networks and branch locations, ensuring secure communication and data protection without needing dedicated IT teams.

Robust Cybersecurity and Seamless Network Performance
The XG60-FIT gateway provides dependable connectivity, efficient security, and easy management. This robust connectivity solution offers high throughput performance and real-time protection for businesses' networks, allowing for collaboration and secure data sharing. Its innovative approach to simplicity makes VPN setup a breeze, enabling quick and secure connections between branches or remote workers with just a few clicks. To enhance network reliability, the gateway features dual-WAN ports for load balancing and failover support, with cellular WAN serving as a backup connection in case of WAN failures. Additionally, it offers multiple gigabit ports and a PoE+ port to power Wi-Fi access points, delivering high-performance Wi-Fi for small businesses, branch offices, and WFH employees.

Linksys, an iconic Home and Small Office connectivity company, announces in a statement of direction the new Cognitive Security capability, which will complement the newly released Designer Series through the end of the year. Cognitive Security technology will then be released in the soon-to-be announced Icon Series later this year.

The term "Cognitive" in the technology space refers to "thinking technologies," which can deterministically, either by user selection or automation, solve problems. In Phase 1 of its implementation, Linksys Cognitive Security was developed entirely based on user input and feedback, focusing on saving users time and effort.

Symantec, a division of Broadcom Inc., is partnering with Google Cloud to embed generative AI (gen AI) into the Symantec Security platform in a phased rollout that will give customers a significant technical edge for detecting, understanding, and remediating sophisticated cyber attacks.

Symantec is leveraging the Google Cloud Security AI Workbench and security-specific large language model (LLM)--Sec-PaLM 2-across its portfolio to enable natural language interfaces and generate more comprehensive and easy-to-understand threat analyses. With Security AI Workbench-powered summarization of complex incidents and alignment to MITRE ATT&CK context, security operations center (SOC) analysts of all levels can better understand threats and be able to respond faster. That, in turn, translates into greater security and higher SOC productivity.

IBM has announced the expansion of the their Cloud Security and Compliance Center, a suite of modernized cloud security and compliance solutions designed to help enterprises mitigate risk and protect data across their hybrid, multicloud environments and workloads. As clients look for ways to address new threats across the supply chain and manage evolving global regulations, the solution suite helps to support their resiliency, performance, security, and compliance needs while helping to minimize operational costs.

"IBM Cloud has a long history of working with clients in financial services and other highly regulated industries, especially when it comes to helping them to drive innovation while protecting their sensitive data," said Rohit Badlaney, General Manager, IBM Cloud Product and Industry Platform. "The expansion of the IBM Cloud Security and Compliance Center demonstrates our continued focus on industry-specific capabilities that help address real world business challenges for our clients. For example, clients have the ability to utilize the IBM Cloud Framework for Financial Services, which can help them address evolving rules, laws and regulations surrounding cloud risk. The new capabilities showcase our commitment to supporting clients on their hybrid cloud modernization journeys, designed for security, compliance, privacy, and trust at the forefront of our product roadmap."

Today, McAfee Corp., a global leader in online protection, announced the launch of its new McAfee Privacy & Identity Guard product available at Staples stores nationwide. McAfee's Privacy & Identity Guard will help Staples customers safeguard their identity and privacy online. In the U.S. 70% of adults are concerned about their ability to keep their information private. And more than half (52%) of U.S. adults want to be more in control of personal information and data online. Therefore, regaining control of personal data, and the data often most sought after by cybercriminals, has never been more important.

Staples customers will have access to McAfee Privacy & Identity Guard and will be able to proactively monitor and remove data online to help prevent potential identity theft and fraud. With an industry-leading set of features, McAfee Privacy & Identity Guard provides visibility into the risky places personal information is available, including the dark web, data broker sites, and sites that hold data tied to unused or old accounts. Customers can then take action to reduce the amount of personal data online and, in turn, lower the risk of identity theft.

Samsung Electronics today announced the first step in a plan to reimagine mobile device security for business customers in partnership with Microsoft. This collaboration has led to the industry's first on-device, mobile hardware-backed device attestation solution that works equally well on both company and personally owned devices.

Device attestation can help ensure a device's identity and health, verifying that it has not been compromised. On-device, mobile hardware-backed device attestation—available on Samsung Galaxy devices and combined with protection from Microsoft Intune—now adds enhanced security and flexibility. For enterprises, this is an extra layer of protection against compromised devices falsely claiming to be known and healthy, gaining access to sensitive corporate data. Additionally, organizations can now enable employees to bring their own device (BYOD) to work with the confidence that they are protected with the same level of security as company owned devices. For employees, this means added flexibility for their personal Galaxy devices to safely access their work environment.

IBM today announced that it has received an additional Trusted Supplier accreditation from the Department of Defense (DoD) Defense Microelectronics Activity (DMEA) for delivery of embedded security services customized for a U.S.-based advanced microelectronics manufacturer. IBM Consulting's accredited security services were previously recognized with the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award for overall security program excellence in 2022.

Microelectronics are used in most defense technology platforms—from mobile devices to computers and advanced weapons systems. This makes microelectronics supply chains critical to our national security and economic prosperity. However, they also represent one of the most complex defense-critical supply chains to secure because of their global reach and manufacturing. IBM Consulting's award-winning accredited security services takes this complexity into account, allowing for not only the identification, but also the remediation of microelectronics supply chain vulnerabilities.

A new vulnerability has been discovered in AMD Zen 2 based CPUs by Tavis Ormandy, a Google Information Security researcher. Ormandy has named the new vulnerability Zenbleed—also known as CVE-2023-20593—and it's said to affect all Zen 2 based AMD processors, which means Ryzen 3000, 4000 and 5000-series CPUs and APUs, as well as EPYC server chips. The reason why Zenbleed is of concern is because it doesn't require a potential attacker to have physical access to the computer or server in question and it's said to be possible to trigger the vulnerability via executing a javascript on a webpage. This means that the attack vector ends up being massive, at least when we're talking about something like a webhosting company.

Zenbleed is said to allow a potential attacker to gain access to things like encryption keys and user logins via triggering something called "the XMM Register Merge Optimization2, followed by a register rename and a mispredicted vzeroupper." Apparently this requires some precision for the vulnerability to work, but due to these registers being used system wide, even a sandboxed attacker can gain access to them. AMD has already issued a patch for its EPYC server CPUs, which obviously are the most vulnerable systems in question and the company is planning to release patches for all of its Zen 2 based CPUs before the end of the year. Hit up the source links for more details about Zenbleed.

Earlier today Logitech International was invited and honored to participate in the US National Label for Consumer IoT Security launch at the White House in Washington DC. The event, sponsored by the National Security Council, was led by chairwoman of the FCC, Jessica Rosenworcel, and included members of both organizations, as well as other leading tech companies focused on and making strides in product security for consumers.

Logitech is an active contributor in industry efforts to integrate security into the core standards that its products use. Through its participation in the Product Security Working Group (PSWG) and Matter Working Group within the Connectivity Standards Alliance (CSA), the company continues to work with others in the industry to write and certify the standards by which next generation products will operate.

Today, U.S. Deputy National Security Advisor Anne Neuberger, Chairwoman of the Federal Communications Commission (FCC) Jessica Rosenworcel, and Laurie Locascio, Director of the National Institute of Standards and Technology (NIST) unveiled the U.S. national IoT security label at the White House.

Infineon Technologies AG supports this action to address the growing need for IoT security. The new label supports the IoT security requirements under NISTIR 8425, which resulted from an Executive Order to improve the nation's cybersecurity. This label will recognize products that meet these requirements by permitting them to display a U.S. government label and be listed in a registry indicating that these products meet U.S. cybersecurity standards.

If you own one of several recent ASUS router models, then you're being urged by ASUS to upgrade your firmware to the latest release as soon as possible, due to a few serious security flaws. The two most severe being CVE-2022-26376 and CVE-2018-1160, both of which are rated 9.8 on a scale of 10 in terms of severity. However, if you're running the third party Asuswrt-Merlin firmware, you're apparently safe, as the author of the third party firmware has already patched all the known security issues that ASUS has announced patches for.

The affected models are the GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400. That's 18 different models in total, all of which should be built around Broadcom hardware. It's unclear if more models are affected or not, but these are the ones ASUS has issued updates for. The security flaws in question could allow someone to take over an unpatched router and make it a part of a botnet or similar. ASUS has suggested turning off features like DDNS and VPN servers, as well as more obvious things like WAN access, port forwarding, port triggers and DMZ until the firmware has been updated on the affected models.

At Xbox, we have the fundamental commitment to provide all players with a safe and secure experience on our platform - and this is especially true for our youngest players. We frequently iterate on our safety measures, in collaboration and with feedback from the community, regulators and partners. We recently entered into a settlement with the U.S. Federal Trade Commission (FTC) to update our account creation process and resolve a data retention glitch found in our system. Regrettably, we did not meet customer expectations and are committed to complying with the order to continue improving upon our safety measures. We believe that we can and should do more, and we'll remain steadfast in our commitment to safety, privacy, and security for our community.

Our two decades of safety experience has taught us that all players want, and need, safety and privacy protections. Since 2005, when we launched the first console that could connect players online, we've continued to invest in tools and technologies to protect our community. That work evolved into a multifaceted safety strategy. Our suite of safety, privacy and security measures are designed to respect player privacy and safety, and empower players, as well as parents and caregivers, to have control over their gaming experiences.

GIGABYTE Technology, one of the leading global manufacturers of motherboards, graphics cards, and hardware solutions, has always prioritized cybersecurity and information security. GIGABYTE remains committed to fostering close collaboration with relevant units and implementing robust security measures to safeguard its users. GIGABYTE engineers have already mitigated potential risks and uploaded the Intel 700/600 and AMD 500/400 series Beta BIOS to the official website after conducting thorough testing and validation of the new BIOS on GIGABYTE motherboards.

To fortify system security, GIGABYTE has implemented stricter security checks during the operating system boot process. These measures are designed to detect and prevent any possible malicious activities, providing users with enhanced protection:

• 1. Signature Verification: GIGABYTE has bolstered the validation process for files downloaded from remote servers. This enhanced verification ensures the integrity and legitimacy of the contents, thwarting any attempts by attackers to insert malicious code.
• 2. Privilege Access Limitations: GIGABYTE has enabled standard cryptographic verification of remote server certificates. This guarantees that files are exclusively downloaded from servers with valid and trusted certificates, ensuring an added layer of protection.

BIOS updates for the Intel 500/400 and AMD 600 series chipset motherboards will also be released on the GIGABYTE official website later today, along with updates for previously released motherboards. GIGABYTE recommends that users regularly visit the official GIGABYTE website for future BIOS updates.

Technology is creating amazing opportunities for our industry and the world, and Windows 11 is at the center of innovation with new experiences that transform how we interact with the Windows PC and each other. With Windows 11, we're seeing record engagement, our highest customer satisfaction over any previous version of Windows in the U.S., and accelerated growth in commercial deployments. In fact, we recently shared as part of our latest earnings report that over 90% of Fortune 500 companies are currently trialing or have already deployed Windows 11.

In February, we brought the new AI-powered Bing to the taskbar and other features to improve the way people get things done on their PCs. Today, we are providing a look at new features and enhancements for Windows 11 that will start to become available tomorrow, May 24, that focus on business needs, such as security and IT management, and new benefits that enhance professional and personal usability. For developers building on Windows, this week we are announcing new innovation at Microsoft Build.

Acer today unveiled the Acer Connect Vero W6m mesh router, its first eco-friendly Wi-Fi 6E router that incorporates post-consumer recycled (PCR) materials in its chassis and features an Eco mode for efficient energy consumption. The router is powered by a quad-core 2 GHz processor and includes a bundle of enhanced connectivity, coverage, and security features, including Wi-Fi 6E Tri-Band AXE7800 capability.

"We are thrilled to expand Acer's portfolio of network devices with the launch of the Acer Connect Vero W6m Wi-Fi 6E mesh router, engineered with support for Wi-Fi 6E tri-band connectivity to provide swift and secure connections with vast network coverage within any home or office locations," said Wayne Ma, General Manger, IoB, Acer Inc. "The performance-driven router is also the latest addition to our growing Vero line of eco-conscious products, embodying Acer's commitment to fulfilling its environmental responsibility and helping minimize carbon footprint."
Fast and Seamless Wi-Fi 6E Connections

Dell Technologies and NVIDIA announce a joint initiative to make it easier for businesses to build and use generative AI models on-premises to quickly and securely deliver better customer service, market intelligence, enterprise search and a range of other capabilities. Project Helix will deliver a series of full-stack solutions with technical expertise and pre-built tools based on Dell and NVIDIA infrastructure and software. It includes a complete blueprint to help enterprises use their proprietary data and more easily deploy generative AI responsibly and accurately.

"Project Helix gives enterprises purpose-built AI models to more quickly and securely gain value from the immense amounts of data underused today," said Jeff Clarke, vice chairman and co-chief operating officer, Dell Technologies. "With highly scalable and efficient infrastructure, enterprises can create a new wave of generative AI solutions that can reinvent their industries."

"We are at a historic moment, when incredible advances in generative AI are intersecting with enterprise demand to do more with less," said Jensen Huang, founder and CEO, NVIDIA. "With Dell Technologies, we've designed extremely scalable, highly efficient infrastructure that enables enterprises to transform their business by securely using their own data to build and operate generative AI applications."

Microsoft is determined to get the entirety of its Windows 10 userbase onto the final version - 22H2 - by early summer. Older iterations including 21H2 (issued in November of 2021), will not receive official support beyond the date: June 13 2023. The announcement crept out quietly last week, via the company's Learn Documentation center: "Home, Pro, Pro Education, and Pro for Workstations editions of Windows 10, version 21H2 will reach end of servicing. The upcoming June 2023 security update, to be released on June 13, 2023, will be the last update available for these versions. After this date, devices running these version will no longer receive monthly security and preview updates containing protections from the latest security threats."

The reminder does not give specific details about rollout timings, but news outlets reckon that OS-focused enforcements will begin in early June: "To help keep you protected and productive, Windows Update will automatically initiate a feature update for Windows 10 consumer devices and non-managed business devices that are at, or within several months of, reaching end of servicing. This keeps your device supported and receiving monthly updates that are critical to security and ecosystem health. For these devices, you will be able to choose a convenient time for your device to restart and complete the update." Microsoft provides further advice and recommends that users update (manually) to version 2H22 at the earliest opportunity, or take the larger step of transferring to Windows 11. Last month TPU reported on a similar official advisory blog entry, where the author/product manager (in effect) proposed "that current Windows 10 users move to 11 as soon as possible, in order to enjoy a continued stream of feature updates."

MSI suffered a massive data breach at the start of April and the Taiwanese electronics company promptly alerted its customers about the cyberattack on its "information systems." A few days later it emerged that a relatively young ransomware group "Money Message" was behind the hacking effort - these cybercriminals stated that they had infiltrated MSI's internal network. Gang members proceeded to acquire sensitive company files, database information and source code. At the time, Money Message demanded that MSI pay them a ransom of $4 million, with the added threat of stolen data getting leaked to the general public on the internet (in the event of MSI failing to pay up).

Money Message has this week claimed that MSI has refused to meet their demands - as a result, an upload of stolen data started on Thursday with files appearing on the group's own website, and spreading to the dark web soon after. Binarly, a cybersecurity firm, has since analyzed the leaked files and discovered the presence of many private code signing keys within the breached data dump. Alex Matrosov, Binarly's CEO states via Twitter: "Recently, MSI USA announced a significant data breach. The data has now been made public, revealing a vast number of private keys that could affect numerous devices. FW Image Signing Keys: 57 products (and) Intel Boot Guard BPM/KM Keys: 166 products." Binary has provided a list of affected MSI devices (gaming laptops & mobile workstations) on their GitHub page.

Apricorn, the leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, today announced the release of the USB 10Gbs Aegis NVX. Employing proprietary architecture, The Aegis NVX is the first Apricorn encrypted device to feature an NVMe SSD inside. Initial capacity offerings will be 500 GB, 1 TB, and 2 TB, with a price range of $339.00 - $739.00 MSRP.

The NVX was conceived to address the immediate protection of raw data delivered directly from its source at high speeds, such as high-definition video cameras with the capability to write to an external SSD via USB C or HDMI. The NVX's high-speed read/write capabilities at 1,000 MB/s are sought after in the fields of military intelligence, digital forensics, filmmaking and healthcare where write speeds over 600 Mb/s are critical.

Owners of TP-Link routers ought to heed a warning from the US government's Cybersecurity and Infrastructure Security Agency (CISA), as at least one router model from the company is vulnerable to known exploits. The exploit is actively targeted by Mirai botnet operators and it allows for injection of commands that could allow them to take over the routers via remote code execution (RCE) software. The router from TP-Link that is known to be vulnerable to the exploits is the Archer AX-21, a fairly recent entry level AX1800 Wi-Fi 6 model that is sold globally by the company.

The specific exploit for the Archer AX-21 is tracked as CVE-2023-1389 and is affecting all Archer AX-21 routers with a firmware version older than 1.1.4 2023019, as it's said to address the vulnerabilities. Users who have linked their router to a TP-Link cloud account and allow for automatic updates should already have had their router firmware automatically updated, but everyone else should update their router firmware as soon as possible. There have already been reports of the exploit being actively used by the Mirai botnet to take over routers in Eastern Europe as of the middle of last month, but further parts of the world aren't spared from attacks either by now. Routers might often be devices that are forgotten in a corner somewhere, but it's important to keep the firmware up to date, especially as they are increasingly becoming the target of hackers.

Apple announced a joint partnership with Google in submitting a new industry specification to curtail unwanted tracking via Bluetooth location-tracking devices currently on the market. The new standard would provide tracker detection across both iOS and Android, regardless of the brand of the tracker being used. The proposal addresses the concerns surrounding the ease in which a person can be tracked by a sneaky location-tracker stuck to their person, possession, or vehicle by bad-faith actors using the technology to stalk individuals. Apple has previous released updates to their Find My service which will alert the victim if they are being tracked by an unknown AirTag, but this tech relies on the person having an iPhone. Third party detection apps exist on Android, but they're far from perfect and aren't currently officially supported by any of the parent companies making Bluetooth location trackers.

The proposal has received industry wide support from other manufacturers such as Samsung, Tile, Chipolo, eufy Security, and Pebblebee. Advocacy groups such as The National Network to End Domestic Violence and the Center for Democracy & Technology have also contributed to the specification draft. The draft has been submitted via the Internet Engineering Task Force (IETF) with a three month review and comment period open to interested parties that would like to weigh in on the proposed specification. After this period Apple and Google will work to address concerns and feedback before putting the specification into production by the end of 2023, unifying a tracking alerts system on all future versions of iOS and Android.

As market share of Apple's ARM based Mac computers has increased, so too have efforts to compromise them by previously uninterested hacker groups. A recent string of malware created specifically for macOS has shown that these groups are turning their gaze toward the generally well protected Mac ecosystem. One of these new malware threats, discovered by Jamf Threat Labs and dubbed 'RustBucket,' acts as a simple third-party PDF viewer. The application itself does nothing malicious until a specific PDF is opened which includes an encoded key that triggers a connection to be made between the attacker's server and the victim's Mac, and a small malicious payload to be downloaded. The initial payload begins running system recon commands to determine the machine information, and then downloads a third stage payload which gives the attackers further access to the underlying operating system. All stages after the user opens the PDF are run silently in the background. The PDF viewer used as the catalyst for this hack does require manually overriding Apple's Gatekeeper as it carries no signature, so the obvious step to mitigate this attack is to not use third-party apps or services aside from those curated on Apple's App Store.

The second macOS malware of the week was discovered by Cyble Research and Intelligence Labs (CRIL) being offered for a paltry $1,000 USD per month on a Telegram channel, with the malware going by the name "Atomic macOS Stealer" or "AMOS." This malware has capabilities to scrape keychain passwords, system information, files from the desktop and documents folders, the macOS user password, browser auto-fills, passwords, cookies, wallets, and stored credit card info. The malware is especially adapted to go after cryptowallets with Cyble citing examples such as Electrum, Binance, Exodus, Atomic, and Coinomi. Cyble notes that they've seen the malware receiving active development to improve its capabilities and the threat actors even offering management software and web panels for keeping track of victimized machines, all with a logging system that dumps to Telegram. The current attack vector is a simple Golang.dmg file which installs the malware, so this does appear to require direct machine access. However once installed, "AMOS" does its handiwork without detection and sends a compressed file off to the attacker's server with all the information it collected.

Genesis Market, an online-fraud-facilitation website and marketplace, has today been closed by an international joint effort coordinated by various police forces. Law enforcement agencies around the world took part in synchronized raids, including at locations in the UK and USA. 208 searches have been carried out, beginning at dawn on Tuesday 4 April, and a total of 119 suspected individuals have been arrested. This operation was spearheaded by the FBI in the US and the Dutch National Police. Consequently, users of the genesis.market website have been greeted with a boastful message and infographic on the home and login pages: "Operation Cookie Monster. This website has been seized."

Sophos, a leading software and hardware security vendor, has previously identified genesis.market as: "an invitation-only marketplace" from which buyers can acquire stolen credentials, cookies, and digital fingerprints that are gathered from compromised systems." According to the company's research, the illegal marketplace was also identified as an Initial Access Broker (IAB) - a business that compromises systems and services, steals data, and sells it. Genesis Market has special engagement capabilities in the field of illegally acquiring "credentials, cookies, and digital fingerprints". This stolen data was often sold on under individual lots, but the site also offered a longer term supply of data packages via a subscription service. This would offer the customer an up-to-date information trail, be it the tracking of an individual person or a collective.

Microsoft Corp. on Tuesday announced it is bringing the next generation of AI to cybersecurity with the launch of Microsoft Security Copilot, giving defenders a much-needed tool to quickly detect and respond to threats and better understand the threat landscape overall. Security Copilot will combine Microsoft's vast threat intelligence footprint with industry-leading expertise to augment the work of security professionals through an easy-to-use AI assistant.

"Today the odds remain stacked against cybersecurity professionals. Too often, they fight an asymmetric battle against relentless and sophisticated attackers," said Vasu Jakkal, corporate vice president, Microsoft Security. "With Security Copilot, we are shifting the balance of power into our favor. Security Copilot is the first and only generative AI security product enabling defenders to move at the speed and scale of AI."

Fortinet, the global cybersecurity leader driving the convergence of networking and security, today announced FortiSP5, the latest breakthrough in ASIC technology from Fortinet, propelling major leaps forward in securing distributed network edges. Building on over 20 years of ASIC investment and innovation from Fortinet, FortiSP5 delivers significant secure computing power advantages over traditional CPU and network ASICs, lower cost and power consumption, the ability to enable new secure infrastructure across branch, campus, 5G, edge compute, operational technologies, and more.

"With the introduction of FortiSP5, Fortinet once again sets new industry records for performance, cost, and energy efficiency. As the only cybersecurity vendor leveraging purpose-built ASICs, an over 20-year investment in innovation, Fortinet delivers the secure computing power that will support the next generation of secure infrastructure." Ken Xie, Founder, Chairman of the Board, and Chief Executive Officer at Fortinet