Intel today announced that Lawrence Livermore National Laboratory (LLNL) will leverage Intel Xeon Scalable processors in "Ruby," its latest high performance computing cluster. The Ruby system will be used for unclassified programmatic work in support of the National Nuclear Security Administration's (NNSA) stockpile stewardship mission, for researching therapeutic drugs and designer antibodies against SARS-CoV-2, the virus that causes COVID-19, and for other open science work at LLNL.

Ruby was built in collaboration with Intel, LLNL, Supermicro and Cornelis Networks. The system consists of more than 1,500 nodes, each outfitted with Intel Xeon Scalable processors, and features 192 gigabytes of memory. Ruby will deliver 6 petaflops of peak performance and is expected to rank among the world's top 100 most powerful supercomputers.

Intel today unveiled the suite of new security features for the upcoming 3rd generation Intel Xeon Scalable platform, code-named "Ice Lake." Intel is doubling down on its Security First Pledge, bringing its pioneering and proven Intel Software Guard Extension (Intel SGX) to the full spectrum of Ice Lake platforms, along with new features that include Intel Total Memory Encryption (Intel TME), Intel Platform Firmware Resilience (Intel PFR) and new cryptographic accelerators to strengthen the platform and improve the overall confidentiality and integrity of data.

Data is a critical asset both in terms of the business value it may yield and the personal information that must be protected, so cybersecurity is a top concern. The security features in Ice Lake enable Intel's customers to develop solutions that help improve their security posture and reduce risks related to privacy and compliance, such as regulated data in financial services and healthcare.

The Singaporean Infocomm Media Development Authority (IMDA) has recently unveiled a suite of new security requirements for home routers. The new security requirements will include requiring unique login credentials, and automatic security patch updates. The new requirements were developed by IMDA in collaboration with private industry and the public. The mandates will apply to all new home routers sold in Singapore from 13 April 2021 however a grace period will apply for existing models until 12 October 2021. Singapore is one of the first countries to introduce such requirements after Japan, while the UK is currently evaluating such measures.

Today at the Intel Industrial Summit 2020, Intel announced new enhanced internet of things (IoT) capabilities. The 11th Gen Intel Core processors, Intel Atom x6000E series, and Intel Pentium and Celeron N and J series bring new artificial intelligence (AI), security, functional safety and real-time capabilities to edge customers. With a robust hardware and software portfolio, an unparalleled ecosystem and 15,000 customer deployments globally, Intel is providing robust solutions for the $65 billion edge silicon market opportunity by 2024.

"By 2023, up to 70% of all enterprises will process data at the edge. 11th Gen Intel Core processors, Intel Atom x6000E series, and Intel Pentium and Celeron N and J series processors represent our most significant step forward yet in enhancements for IoT, bringing features that address our customers' current needs, while setting the foundation for capabilities with advancements in AI and 5G," said John Healy, Intel vice president of the Internet of Things Group and general manager of Platform Management and Customer Engineering.

Security researcher Volodymyr Diachenko has discovered a security breach over at hardware peripheral manufacturer Razer. Reportedly, Mr. Volodymyr found a badly configured Elasticsearch cluster filled with over 100,000 data entries of Razer customers. That means that anywhere from customer email, physical address and phone number have been exposed to the public, making this leak potentially dangerous. What is even more dangerous is that the Elasticsearch cluster was not only exposed to the internet, however, it was also indexed by a search engine, making the data more easily searchable and discoverable. This is a pure admin fail, no hacking was required, they just left the front door open. Razer issued an official response to the incident below:

RazerWe were made aware by Mr. Volodymyr of a server misconfiguration that potentially exposed order details, customer and shipping information. No other sensitive data such as credit card numbers or passwords was exposed.
The server misconfiguration has been fixed on 9 Sept, prior to the lapse being made public.
We would like to thank you, sincerely apologize for the lapse and have taken all necessary steps to fix the issue as well as conduct a thorough review of our IT security and systems. We remain committed to ensure the digital safety and security of all our customers.

Underscoring its mission to enable the world to solve its biggest data challenges by building a data infrastructure with next-gen security, Western Digital (NASDAQ: WDC) today introduced the ArmorLock Security Platform. A data encryption platform that rethinks how data security should be done, the ArmorLock Security Platform was created to help with the diverse security demands of data-centric and content-critical storage use cases in industries as varied as finance, government, healthcare, IT enterprise, legal, and media and entertainment. As data security concerns continue to rise in visibility, Western Digital plans to apply the platform across a range of storage solutions.

The first product to leverage this advanced technology, the new G-Technology ArmorLock encrypted NVMe SSD, is designed to deliver an easy-to-use, high-performance, high-grade security storage solution for creators in the media and entertainment industry. Facing the threat of hijacked media files and leaked films, studios, agencies, and especially investors are demanding a better way to protect critical content. While much of the industry's focus has been on cloud security, data often remains vulnerable on the portable storage devices holding critical commercial content.

IBM today revealed the next generation of its IBM POWER central processing unit (CPU) family: IBM POWER10. Designed to offer a platform to meet the unique needs of enterprise hybrid cloud computing, the IBM POWER10 processor uses a design focused on energy efficiency and performance in a 7 nm form factor with an expected improvement of up to 3x greater processor energy efficiency, workload capacity, and container density than the IBM POWER9 processor.

Designed over five years with hundreds of new and pending patents, the IBM POWER10 processor is an important evolution in IBM's roadmap for POWER. Systems taking advantage of IBM POWER10 are expected to be available in the second half of 2021. Some of the new processor innovations include:

Intel has had quite a lot of work trying to patch all vulnerabilities discovered in the past two years. Starting from Spectre and Meltdown which exploited speculative execution of the processor to execute malicious code. The entire process of speculative execution relies on the microarchitectural technique for adding more performance called speculative branch prediction. This technique predicts branch paths and prepared them for execution, so the processor spends less time figuring out where and how will instructions flow through the CPU. So far, lots of these bugs have been ironed out with software, but a lot of older CPUs are vulnerable.

However, an attacker has always thought about doing malicious code execution on a CPU core shared with the victim, and never on multiple cores. This is where the new CrossTalk vulnerability comes in. Dubbed Special Register Buffer Data Sampling (SRBDS) by Intel, it is labeled as CVE-2020-0543 in the vulnerability identifier system. The CrossTalk is bypassing all intra-core patches against Spectre and Meltdown so it can attack any CPU core on the processor. It enables attacker-controlled code execution on one CPU core to leak sensitive data from victim software executing on a different core. This technique is quite dangerous for users of shared systems like in the cloud. Often, one instance is shared across multiple customers and until now they were safe from each other. The vulnerability uses Intel's SGX security enclave against the processor so it can be executed. To read about CrossTalk in detail, please visit the page here.

Dutch researcher from the Eindhoven University of Technology has found a new vulnerability in Thunderbolt port that allows attackers with physical access to unlock any PC running Windows or Linux kernel-based OS in less than 5 minutes. The researcher of the university called Björn Ruytenberg found a method which he calls Thunderspy, which can bypass the login screen of any PC. This attack requires physical access to the device, which is, of course, dangerous on its own if left with a person of knowledge. The Thunderbolt port is a fast protocol, and part of the reason why it is so fast is that it partially allows direct access to computer memory. And anything that can access memory directly is a potential vulnerability.

The Thunderspy attack relies on just that. There is a feature built into the Thunderbolt firmware called "Security Level", which disallows access to untrusted devices or even turns off Thunderbolt port altogether. This feature would make the port be a simple USB or display output. However, the researcher has found a way to alter the firmware setting of Thunderbolt control chip in a way so it allows any device to access the PC. This procedure is done without any trace and OS can not detect that there was a change. From there, the magic happens. Using an SPI (Serial Peripheral Interface) programmer with a SOP8 clip that connects the pins of the programmer device to the controller, the attacker just runs a script from there. This procedure requires around $400 worth of hardware. Intel already put some protection last year for the Thunderbolt port called Kernel Direct Memory Access Protection, but that feature isn't implemented on PCs manufactured before 2019. And even starting from 2019, not all PC manufacturers implement the feature, so there is a wide group of devices vulnerable to this unfixable attack.

Tails OS the operating system recommended by Edward Snowden, now works on systems with UEFI Secure Boot enabled. Tails OS is built from the ground up to offer maximum security and privacy running of a portable drive and leaving no trace on the host computer. The latest Tails OS 4.5 update added support for this crucial UEFI Secure Boot feature which was already found in most operating systems. Secure Boot uses cryptographic signatures to verify the integrity of firmware files loaded on system boot and insure they have not been tempered with.

Secure Boot has been available as part of the UEFI specification now for over two decades but is rarely used due to compatibility reasons. While not commonly used, the fact that a security focused operating system did not support this security feature was worrying for many as it meant Secure Boot had to be disabled on the host computer before the OS could boot. Work to add the feature has been ongoing over the last 6 years and is now complete and ready for use.

Researchers have found another vulnerability Inside Intel's Converged Security and Management Engine (CSME). For starters, the CSME is a tiny CPU within a CPU that has access to whole data throughput and is dedicated to the security of the whole SoC. The CSME system is a kind of a black box, given that Intel is protecting its documentation so it can stop its copying by other vendors, however, researchers have discovered a flaw in the design of CSME and are now able to exploit millions of systems based on Intel CPUs manufactured in the last five years.

Discovered by Positive Technologies, the flaw is lying inside the Read-Only Memory (ROM) of the CSME. Given that the Mask ROM is hardcoded in the CPU, the exploit can not be fixed by a simple firmware update. The researchers from Positive Technologies describe it as such: "Unfortunately, no security system is perfect. Like all security architectures, Intel's had a weakness: the boot ROM, in this case. An early-stage vulnerability in ROM enables control over the reading of the Chipset Key and generation of all other encryption keys. One of these keys is for the Integrity Control Value Blob (ICVB). With this key, attackers can forge the code of any Intel CSME firmware module in a way that authenticity checks cannot detect. This is functionally equivalent to a breach of the private key for the Intel CSME firmware digital signature, but limited to a specific platform."

Kingston Digital Europe Co LLP, the Flash memory affiliate of Kingston Technology Company, Inc., a world leader in memory products and technology solutions, announced its IronKey D300 Encrypted USB Flash Drive series has achieved NATO Restricted Level Certification. This indicates that, after a detailed validation process, the Kingston IronKey D300, IronKey D300S and IronKey D300SM have been listed in the NATO Information Assurance Product Catalogue (NIAPC) for security products that meet NATO's nations, civil and military bodies' operational requirements.

The NIAPC is established under an INFOSEC Directive and ensures only cryptographic products which are developed in a NATO member nation are evaluated and approved to use in accordance with NATO Security Policies. The IronKey D300 series is now included on this list, which means it is qualified as an encrypted Flash drive that meets the data protection levels established by NATO to protect information against loss or cyber-attacks. Sensitive data-in-transit needs to be protected as any loss or breach can result in harm to NATO's forces, its members or its mission.

Continuing our quick look series, this time we cover a product that came to us after our article on portable encrypted storage was published. That very article came about from two companies asking us if we would be interested in checking out their products, and when a startup company formed by Russians who specialize in data protection and embedded security asks you the same, you answer yes! Hawk Security was set up in 2018, and is actually based out of Hong Kong now, and offers data encryption solutions with military-grade encryption standards. They sent out their S-Drive, a portable solution with a 3D NAND-based memory and certification galore, with performance and privacy as the selling point.

The Hawk Security S-Drive ships in a thick cardboard box with a two-piece packaging, with aptly named security seals on the sides. The inner box slides out to reveal a premium unboxing experience with thick foam cut to shape, which in turn houses the user manual, the drive, and the connecting cable itself. The manual is handy for not only knowing the locking and unlocking procedures for this encrypted drive, but also the default password for using it the first time. The cable terminates in a standard USB 3.1 Gen 1 Type A connector on one end, but a 10-pin USB 3.1 Gen 1 Micro Type B super-speed connector on the other to help make the most of connection speeds. This means backwards compatibility with USB 2.0 ports is restricted to USB ports/hubs that provide enough power only, so keep that in mind. Read past the break for more on the drive.

Today, on January the 14th, Microsoft is officially ending support for Windows 7 operating system. After more than 10 years since its launch, Windows 7 has remained a primary operating system on many PCs, especially OEM PCs manufactured before 2015, when Windows 10 came out. The user transition from Windows 7 to Windows 10 has not been an easy task for Microsoft, however, by declaring that the product has reached End-Of-Life, Microsoft is trying to make millions of users pull the trigger and embrace the new operating system.

When January 14th arrives, Microsoft will stop giving Windows 7 users technical support, software updates with new features, and most importantly security updates. The official recommendation from Microsoft is to upgrade to the latest version of Windows, meaning Windows 10. As some of the older PCs may have compatibility issues with newer OS, it is also recommended to check your PC specifications. If you are a customer of the Extended Security Updates (ESU) program, you will continue to see further support in the future, however, for regular users, the support period is over.

Gryphon Online Safety, Inc. today announced the commercial launch of its new product the Gryphon Guardian, the lowest known entry cost in the market at $119 for an all-in-one mesh WiFi security router and parental control system, making online security and digital parenting accessible to all. Gryphon Guardian is mesh compatible with the original Gryphon. The company is offering an early bird 30% off special between November 28-December 31 2019 direct from Gryphon Online Safety.

Gryphon Online Safety wants to help families protect all of their homes' devices from hacker intrusions, malware threats, to prevent kids from being exposed to inappropriate content, and to equip parents with tools to promote healthy screen time for their children. The company's purpose is to help each person reach their full potential by creating an online environment that is safe, reliable, and enjoyable.

BZFuture is a new deep-discount software company that lets you save big on renewals of your PC's premium security software from big brands, such as Kasperky, McAfee, ESET, Avira, and BitDefender. With the BZFuture Autumn 2019 Sale, enjoy discounts of up to 60% over prices quoted by these vendors for 1-year per-PC licenses to premium security software suites that include not just antivirus and anti-spyware protection, but also must-haves such as anti-spam, firewall, and anti-ransomware. BZFuture wishes to particularly recommend McAfee Antivirus for USD $11.02, and Kaspersky Internet Security for $18.20.

But why stop at renewing your antivirus? Still on Windows 7 or know someone dear who still is? BZFuture is bundling a genuine, globally-valid Windows 10 Pro permanent OEM license with all of its security software products! BZFuture operates globally, and accepts payments via reputed gateways such as PayPal, so your payment instruments stay secure. The store is also emerging as a great place to buy well-priced gaming peripherals. BZFuture in particular would like to recommend the MotoSpeed CK80, a full 104-key mechanical gaming keyboard with RGB LED lighting and Outemu Gold switches (comparable to Cherry MX Blue), for just $69.46, shipped for free worldwide. Slash 10% off the price of this keyboard with the coupon-code "Techpowerup" at checkout!

Buy McAfee Antivirus 1 PC 1-year + Windows 10 Pro for $11.02 | Kaspersky Internet Security 1 PC 1-year + Windows 10 Pro for $18.20 | Buy MotoSpeed CK80 Gaming Keyboard for $62.51

Here's a strange thing: a case for a free, bundled software solution being better (in the metrics concerned and evaluated) than paid, third-party counterparts. We're writing of none other than Microsoft's own Windows Defender suite, which is bundled with Windows and offers a security solution integrated into your OS. While the "paid is always better" philosophy has been proven wrong time and again and isn't that much of a powerhouse behind users' thought process anymore, the fact is that Windows Defender has somewhat been taken for granted as an "undesirability" in users' computers. However, a comparison made by AV-Test, which pits many of the available cybersecurity solutions available on the market, has found Microsoft's Windows Defender to be worthy of a triad of perfect scores.

The results for Windows Defender include perfect (6.0) scores in the "Protection", "Performance" and Usability" categories. The testing period refers to May through June of this year, and only F-Secure SAFE 17, Kaspersky Internet Security 19 and Norton Security 22.17 managed to get the same perfect scores as Windows Defender Version 4.18. Check out the link for the score of your cybersecurity solution of choice. But it's clear that least where this period is concerned, Windows Defender walked circles around some paid solutions.

NVIDIA has found a total of five security vulnerabilities with its Windows drivers for GeForce, Quadro and Tesla lineup of graphics cards. These new security risks are labeled as very dangerous and have the potential to cause local code execution, denial of service, or escalation of privileges, unless the system is updated. Users are advised to update their Windows drivers as soon as possible in order to stay secure and avoid all of these vulnerabilities, so be sure to check your drivers for latest version. Exploits are only accessible on Windows based OSes, starting from Windows 7 to Windows 10.

However, one fact that's reassuring is that in order to exploit a system, attacker must have local access to the machine that is running NVIDIA GPU, as remote exploit can not happen. Bellow are the tables provided by NVIDIA that show type of exploit along with rating it carries and which driver versions are affected. There are no mitigations for this exploit, as driver update is the only available solution to secure the system.

NETGEAR Armor on your Orbi Mesh WiFi Systems is a cybersecurity solution that protects all internet-connected devices in your home from viruses, malware, stolen passwords, identity theft and hacking, whether you're at home or on the go. Many people already have some type of anti-virus software loaded onto their home computers. However, this is often not effective enough for the cyber threats in today's environment. In fact, according to research, 146 billion records of personal information, such as credit card information or national identification / social security numbers, are expected to be stolen by cybercriminals between 2018 to 2023.

Having the world's most pervasive operating system (or office suite) is sure to leave a big mark on any company when it comes to exploitation attempts from hackers. It's a simple equation: aim your efforts at a software that runs in millions (if not billions) of machines and even a light chink in the armor could be enough to cause a cascading effect through that many users.

This principle applies to almost everything: a small effect across a billion users usually provides greater returns than a large effect on one or two players. Kaspersky labs on its security report, presented at the Security Analyst Summit, reported that the favorite target for cyber attacks was Microsoft's Office suite - a 70% figure suggests an incredible attention given to Office, really. These Office-related cyber attacks don't directly relate to the suite itself; there are other, OS-integrated components that can be targeted, or simply that Office file extensions are used as clever, headache-inducing ways of disguising malware as the second greatest evil in the world - spreadsheets.

A new security vulnerability has been found that only affects Intel CPUs - AMD users need not concern regarding this issue. Dubbed Spoiler, the newfound security vulnerability was discovered by the Worcester Polytechnic Institute in partnership with the University of Lübeck, and affects all Intel CPUs since the introduction of their Core architecture. This vulnerability too affects Intel's speculative execution design, and according to the researchers, works independent of OS, virtual machine, or sandboxed environments.

As the researchers explain, Intel's speculative execution of certain memory workloads requires the full physical address bits for the information in memory to be known, which could allow for the full address to be available in user space - allowing for privilege escalation and other microarchitectural attacks. According to the researchers, a software solution to this problem is impossible, which means this is yet another silicon-level bug that needs to be addressed in future processor designs.

Gryphon Online Safety, Inc. is a 2-year old company that, by its very name, hints strongly towards the product lineup and design philosophy. We met the CEO and CTO of the company at their booth at CES 2019, and were greeted by the Gryphon router that was built with content filtering and online secutiry in mind. They have nearly five decades of combined experience behind the Gryphon, leveraging manufacturing in China, software teams in India, and customer support in the USA to deliver a user-friendly router and mobile app which also supports mesh networking.

The Gryphon was designed with the intention of fitting in a living room, with the sharp looks akin more to a trophy or showpiece. It definitely caught our eye, especially given how hard it is to carve out a unique look with routers these days without looking like an alien artifact. The router is rated for AC3000 operation with one 2.4 GHz band for Wireless N and two 5 GHz bands for Wireless AC networking, with the second 5 GHz band being a dedicated backhaul akin to the NETGEAR Orbi to make full use of the mesh networking feature without losing performance when connected to the satellite unit. The mobile app especially makes it very handy for the average end user to allow, and control, content to their desire. We will have a full review of the Gryphon networking solution on TechPowerUp sooner than later, but for those interested, there is more information to be found on their website. The Gryphon retails for ~$215 for a single unit, and $400 for a twin-pack.

The United States government, via the Department of Commerce, has banned all exports from national companies to China-based Fujian Jinhua Integrated Circuits Ltd. The ban, citing "significant risk of becoming involved in activities that are contrary to the national security interests of the United States", demands that a license is required for "all exports, re-exports, and transfers of commodities, software and technology (...) to Jinhua." It then adds that these license applications will be reviewed - always - with a presumption of denial.

Seagate Technology, a world leader in data storage solutions, today launched the industry's widest range of advanced 14 TB hard drives, enhancing the company's enterprise and specialty drive portfolio. Consisting of IronWolf and IronWolf Pro for network attached storage (NAS) applications, the BarraCuda Pro desktop drive, surveillance-optimized SkyHawk, and Exos X14 for hyperscale data centers, this purpose-built portfolio empowers customers to consume, manage and utilize digital data more effectively and efficiently while establishing new benchmarks in speed and capacity.

With this offering, Seagate continues to lead the industry in driving data storage technology toward a lower cost per terabyte through hard drive optimization, versatility of application, and unmatched capacity. Whether for personal use, creative and design computing, online gaming, or large-scale surveillance systems and hyperscale environments, Seagate drives are opening up new data management opportunities across a wide range of markets.

In today's world, data breaches, phishing attacks, malware, and exploits are a daily occurrence. We are all familiar with the typical phishing emails that grace our inbox day in day out. You might even get a phone call from a fake Microsoft tech support employee, who attempts to gain access to your system. However, in our always-online world, it is a bit surprising to hear about hackers that would decide to use snail mail. In what will likely elicit a few giggles, U.S. state and local government agencies, along with the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued an alert, in what I can only describe as an attack from the stone age; malware infested CDs.