The "Spectre" family of vulnerability, an exploitation of the speculative execution features of modern processors (mostly Intel), was scary enough. Up until now, running malware that implements Spectre needed one to run the program on a local machine. Running it remotely was limited to well-crafted JavaScript executed on the victim's machine, or cloud hosts made to process infected files. This is about to change. Security researchers from Graz University of Technology, including one of the discoverers of the "Meltdown" vulnerability, Daniel Gruss; have discovered NetSpectre, a fully network-based exploit that can let attackers read the memory of a remote machine without executing any program on that machine.

NetSpectre works by deriving bits and bytes from the memory based on measurements of the time the processor to succeed or recover from failure in speculative execution. As a processor is executing code, it speculates what the next instruction or data is, and stores their outcomes beforehand. A successful "guess" is rewarded with tangible performance benefits, while an unsuccessful guess is penalized with having to repeat the step. By measuring the precise time it takes for the processor to perform either (respond to success or failure in speculative execution), the contents of the memory can be inferred.

Wi-Fi Alliance introduces Wi-Fi CERTIFIED WPA3 , the next generation of Wi-Fi security, bringing new capabilities to enhance Wi-Fi protections in personal and enterprise networks. Building on the widespread adoption of WPA2 over more than a decade, WPA3 adds new features to simplify Wi-Fi security, enable more robust authentication, and deliver increased cryptographic strength for highly sensitive data markets. As the Wi-Fi industry transitions to WPA3 security, WPA2 devices will continue to interoperate and provide recognized security.

WPA3 security continues to support the market through two distinct modes of operation: WPA3-Personal and WPA3-Enterprise. All WPA3 networks use the latest security methods, disallow outdated legacy protocols, and require use of Protected Management Frames (PMF) to maintain resiliency of mission critical networks. Key capabilities of WPA3 include:

• WPA3-Personal: more resilient, password-based authentication even when users choose passwords that fall short of typical complexity recommendations. WPA3 leverages Simultaneous Authentication of Equals (SAE), a secure key establishment protocol between devices, to provide stronger protections for users against password guessing attempts by third parties.
• WPA3-Enterprise: offers the equivalent of 192-bit cryptographic strength, providing additional protections for networks transmitting sensitive data, such as government or finance. The 192-bit security suite ensures a consistent combination of cryptographic tools are deployed across WPA3 networks.

Security researchers have discovered a vulnerability affecting all modern Intel Core and Xeon processors, which is an exploit of a performance optimization feature called "lazy FP state restore," which can be exploited to sniff out sensitive information, including cryptographic keys used to protect sensitive data. The flaw affects all x86 micro-architectures by Intel, "Sandy Bridge" and later.

The "lazy FP state restore" feature is a set of commands used to temporarily store or restore the FPU states of applications running "lazily" (as opposed to "eagerly"). Red Hat put out an advisory stating that numbers held in FPU registers could be used to access sensitive information about the activities of other applications, including encryption keys. Intel began working with popular OS vendors to quickly roll out software patches against the vulnerability.

Today, Intel is taking another step forward, with two new technology announcements: Intel Threat Detection Technology (Intel TDT), a set of silicon-level capabilities that will help the ecosystem detect new classes of threats, and Intel Security Essentials, a framework that standardizes the built-in security features across Intel processors. We are also announcing a strengthened academic partnership with Purdue University, to help accelerate the development and availability of cybersecurity talent.

Intel Threat Detection Technology leverages silicon-level telemetry and functionality to help our industry partners improve the detection of advanced cyberthreats and exploits. Today we are announcing the first two Intel Threat Detection Technology capabilities, including implementation plans by Microsoft and Cisco.

The first new capability is Accelerated Memory Scanning. Current scanning technologies can detect system memory-based cyberattacks, but at the cost of CPU performance. With Accelerated Memory Scanning, the scanning is handled by Intel's integrated graphics processor, enabling more scanning, while reducing the impact on performance and power consumption. Early benchmarking on Intel test systems show CPU utilization dropped from 20 percent to as little as 2 percent.

Via updated documents on its Microcode Revision guide, Intel has revealed that they have finally developed and started deploying microcode security updates for their Broadwell and Haswell-based microprocessors. The microcode update comes after a flurry of nearly platform-specific updates that aimed to mitigate known vulnerabilities in Intel's CPUs to the exploits known as Spectre and Meltdown.

While that's good news, Intel's patching odyssey still isn't over, by any means. According to Intel's documentation, the Spectre fixes for Sandy Bridge and Ivy Bridge are still in beta and are being tested by hardware partners, so that's two other architectures that still remain vulnerable. Of course, this discussion of who's vulnerable and isn't really can't be reduced to which architectures Intel has released its updates to. Users have to remember that the trickle-down process from Intel's patch validation and distribution through manufacturers to end users' systems is a morose one, and is also partially in the hands of sometimes not too tech-savy users. Time will tell if these flaws will have any major impact in some users or businesses.

Intel has finally come around towards reporting on the state of the reboot issues that have been plaguing Intel systems ever since the company started rolling out patches to customers. These patches, which aimed to mitigate security vulnerabilities present in Intel's chips, ended up causing a whole slew of other problems for Intel CPU deployment managers. As a result of Intel's investigation, the company has ascertained that there were, in fact, problems with the patch implementation, and is now changing its guidelines: where before users were encouraged to apply any issued updates as soon as possible, the company now states that "OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior." A full transcription of the Intel press release follows.

Despite the grunt of the media's attention and overall customer rage having been thrown largely at Intel, AMD hasn't moved past the Spectre/Meltdown well, meltdown, unscathed. News has surfaced that at least two law firms have announced their intention of filing a class action lawsuit against AMD, accusing the company of not having disclosed their products' Spectre vulnerability, despite knowledge of said vulnerabilities.

AMD stated loud and clear that their processors weren't affected by the Meltdown flaw. However, regarding Spectre, AMD's terms weren't as clear cut. The company stated that its CPUs were vulnerable to the Spectre 1 flaw (patchable at a OS level), but said that vulnerability to Spectre 2's variant had "near-zero risk of exploitation". At the same time, the company also said that "GPZ Variant 2 (Branch Target Injection or Spectre) is applicable to AMD processors", adding that "While we believe that AMD's processor architectures make it difficult to exploit Variant 2, we continue to work closely with the industry on this threat.

The public disclosure on January 3rd that multiple research teams had discovered security issues related to how modern microprocessors handle speculative execution has brought to the forefront the constant vigilance needed to protect and secure data. These threats seek to circumvent the microprocessor architecture controls that preserve secure data.

At AMD, security is our top priority and we are continually working to ensure the safety of our users as new risks arise. As a part of that vigilance, I wanted to update the community on our actions to address the situation.

F-Secure reports a security issue affecting most corporate laptops that allows an attacker with physical access to backdoor a device in less than 30 seconds. The issue allows the attacker to bypass the need to enter credentials, including BIOS and Bitlocker passwords and TPM pins, and to gain remote access for later exploitation. It exists within Intel's Active Management Technology (AMT) and potentially affects millions of laptops globally.

The security issue "is almost deceptively simple to exploit, but it has incredible destructive potential," said Harry Sintonen, who investigated the issue in his role as Senior Security Consultant at F-Secure. "In practice, it can give an attacker complete control over an individual's work laptop, despite even the most extensive security measures."

After Intel and AMD's differing statements on the same issue, now is the time for Google, ARM, and Microsoft to release statements regarding the recently discovered (and still in the spotlight) security flaws that impact almost all Intel CPUs from the last decade. Google is the company that originally alerted Intel to the existence of the security vulnerabilities, and mentioned some reservations regarding AMD and ARM's immunity as well. Microsoft, as the maker of the world's most recognized and widely-used OS, has also issued a statement. The ARM statement follows, with both Google and Microsoft's statements transcribed after the break.

ARM
This method requires malware running locally and could result in data being accessed from privileged memory. Our Cortex-M processors, which are pervasive in low-power, connected IoT devices, are not impacted.

GIGABYTE TECHNOLOGY, a leading manufacturer of motherboards and graphics cards, has implemented safety measures aligned with Intel's response to the Intel Management Engine (ME) and Intel Trusted Execution Engine (TXE) security vulnerabilities, so customers can be reassured their motherboards are fully protected. For all customers who have purchased GIGABYTE motherboards for Intel platforms, please visit the official website to download the latest BIOS versions as well as ME and TXE drivers.

The updates for the motherboards will be released starting with the Z370, 200 series and then previous generation motherboards. For more information on the Intel ME and TXE security vulnerabilities, please visit this page. GIGABYTE is committed to ensuring the quality and service of our motherboards. Any issues that affect the user's experience with our products will be addressed with the utmost concern.

In order to avoid severe security vulnerabilities for the platforms, MSI motherboards now support the latest Intel Trusted Execution Engine (TXE) 3.0 for safer system protection. According to recent Intel comprehensive security review, security vulnerabilities are identified and could potentially allow attackers to gain unauthorized access to platforms features, secrets and 3rd party secrets protected by Intel TXE. Therefore, Intel has validated and released Intel TXE 3.0 updates to address the encountered security situations.

Currently all MSI 100,200 and 300 series motherboards are supporting the newest Intel TXE 3.0 by updating to the latest BIOS and installing the latest software updates. MSI always places strong emphasis on security and anti-hack issues to makes sure all MSI motherboard users are operating under the most secure circumstances. MSI will continue to provide additional updates if necessary to ensure maximum platform security protection for users.

Researchers have recently discovered a critical flaw that affects all WPA2 protected Wi-Fi devices. This can't be remedied solely by user intervention, or password changes, or even by the usage of HTTPS website; this is a flaw with the core of WPA's protection scheme, and means that an attacker could intercept every single traffic data point that your device sends over Wi-Fi, including passwords, credit card details, images - the whole treasure trove. Adding insult to injury, it's even possible for attackers using this method to inject malware into your devices. The new attack method - dubbed KRACK for Key Reinstallation Attack - basically forces your device's encryption code to default to a known, plain-text all-zero decryption key, which is trivial for hackers to reuse.

Adding to the paranoia, this is basically a device and software-agnostic attack - it's effective against devices running Android, Linux, and OpenBSD, and to a lesser extent macOS and Windows, as well as MediaTek Linksys, and other types of devices. HTTPS isn't the best solution either, simply because some website's implementation of it isn't the best, and there are scripts (such as SSLScript) that can force a website to downgrade its connection to a simple HTTP link - which can then be infiltrated by the attacker.

Since the launch of AMD Ryzen, a small piece of hardware that handles basic memory initialization as well as many security functions has been the center of some controversy. Called the Platform Security Processor (the "PSP" for short) it is essentially an arm core with complete access to the entire system. Its actions can be considered "above root" level and are for the most part invisible to the OS. It is similar in this regard to Intel's Management Engine, but is in some ways even more powerful.

Why is this a bad thing? Well, let's play a theoretical. What happens if a bug is discovered in the PSP, and malware takes control of it? How would you remove it (Answer: you couldn't). How would you know you needed to remove it? (answer, unless it made itself obvious, you also wouldn't). This scenario is obviously not a good one, and is a concern for many who asked AMD to open-source the PSPs code for general community auditing.

Samba, the open source implementation of the Windows CIFS file sharing protocol found on Linux and many home NAS-systems, now has its own version of a "WannaCry" grade bug ready to cause users grief. Like WannaCry, Sambas bug enables remote code execution and is totally wormable. Unlike WannaCry however, it does require write access to the SMB share, limiting it's effect unless you run an unauthenticated share on the internet.

So why is this newsworthy at all? It is of course newsworthy in its own right because of bad security practices that run rampant in our industry, I would argue, but that's not really why I posted this, I will confess. Yes, I'm trying to make a point again with that blunt instrument we call "editorial." I do apologize for the inconvenience (not really).

Only yesterday, the United States' House of Representatives carried the US Senate's joint resolution to eliminate broadband privacy rules. These rules, which are now seemingly on their way to political oblivion, would have required ISPs to get consumers' explicit consent before selling or sharing Web browsing data and other private information with advertisers and other companies. Much like last week's Senate joint resolution, the House's voting fell mainly along partisan lines (215 for, 205 against, with 15 Republican and 190 Democratic representatives voting against the repeal) to scrap the proposed FCC rules.

President Trump's desk (and the President himself) are now all that stand before the ISP's ability to collect geo-location data, financial and health information, children's information, Social Security numbers, Web browsing history, app usage history, and the content of communications - information that gives the most unthinkable leeway in understanding your daily habits. However, President Trump's administration have issued a statement whereas they "strongly support House passage of S.J.Res. 34, which would nullify the Federal Communications Commission's final rule titled "Protecting the Privacy of Customers of Broadband and Other Telecommunication Services".

The US Senate on Thursday passed a joint resolution to eliminate broadband privacy rules that would have required ISPs to get consumers' explicit consent before selling or sharing Web browsing data and other private information with advertisers and other companies. This win was pulled by a hair - 48 Nay against 50 Yea - and went entirely through party lines, with Republicans voting Yea, and the Democrats voting Nay. The effects won't be immediate, mind you - the measure will have to pass the House and then be signed by President Donald Trump before it can become law.

Thanks to AMD's incorporation of an ARM-based "AMD Secure Processor" in their upcoming ZEN micro-architecture, the company is poised to offer something competitor Intel's microprocessors yet don't: memory encryption. This processor, and its underlying technologies, could prove to be a stepping-stone for AMD towards regaining lost server market share. Essentially, because in a market ever more steered by cloud computing considerations, it allows for the client's data to be encrypted at every moment of the work chain. Assuming all works as intended, for the first time not even cloud providers, with either hypervisor-level privileges or even physical access to the servers, will be able to carry out any malicious actions against their clients.

One only has to consider the writing on the wall: Morgan Stanley predicts that by 2018, 30% of Microsoft's revenue will stem from its cloud services; Amazon Web Services (AWS) generated $7.88B in revenue on Q4 2015, up 69% over 2014; and worldwide spending on public cloud services by itself will grow from $70B in 2015 to an estimated $141B in 2019. Cloud computing is here to stay, and with security being as important as it is for some businesses, this is an important area of investment for AMD. This "AMD Secure Processor" will work on essentially two fronts: SME (Secure Memory Encryption) and SEV (Secure Encrypted Virtualization), backed by an hardware-based SHA (Secure Hash Algorithm).

With only a few more days until this month's Patch Tuesday Micrsosoft took to the web to announce that it plans to roll out no less than nine updates - two rated 'Critical' and seven rated 'Important'. The upcoming patches address vulnerabilities found in Windows, Office, Microsoft Server Software, SQL Server, .NET, and Internet Explorer.

The August updates are scheduled to be made available this Tuesday, August 12, at 10 AM PDT. For more info check out the advance notification published here.

Microsoft Corp. has just announced its plans for this month's Patch Tuesday and they include the release of six updates - two rated 'Critical', three rated 'Important' and one rated 'Moderate'. The upcoming updates target vulnerabilities found in Windows operating systems, in Internet Explorer and in Microsoft Server Software.

The six patches will be made available this coming Tuesday, July 8, 2014, at about 10:00 am PDT. The bulletin advance notification for this month's releases can be found here.

Eurocom is providing a complete line of 15.6" to 17.3" high performance, fully upgradeable Mobile Workstations equipped with NVIDIA Quadro K5100M to K1100M graphics and Trusted Platform Modules to secure the systems and their intellectual property from unauthorized access.

At Eurocom we take security very seriously, implanting several systems with three security layers, one being the Kensington Lock Slot which prevents physical theft of the computer system, one being the TPM module to protect certificate private keys and the other being the biometric finger print reader to lock down access to the computer to only authorized individuals.

The first Patch Tuesday of Summer '14 is coming up and it will see Microsoft release seven updates - two bearing a 'Critical' rating and five rated 'Important'. The incoming patches target vulnerabilities found in Windows (Vista, 7, 8/8.1, Server 2003, Server 2008 and Server 2012), Internet Explorer (6 to 11), Office (2007, 2010) and Lync (2010, 2013).

Microsoft's software updates will be made available Tuesday, June 10th at about 10:00 AM PDT. The Advance Notification for this month's patches can be found here.

The world-leading industrial SSD manufacturer, Apacer,presents a mass of SSD data security protection technologies at COMPUTEX TAIPEI 2014, which upgrades SSD value-added technology - once again. To achieve comprehensive secure data storage, Apacer drives the evolution of the original CoreSecurity technology and launches Boot Protect security function with strengthened protection management, which can be activated immediately by the UrKey, a USB-based 2 way dongle for data protection.

Furthermore, the seamless wide-temp waterproof industrial SSDs, groundbreaking MLC-mix technology enabling combination with MLC chips and PCIe Adapters will all be unveiled at this exhibition, innovating SSD applications.

This month's Patch Tuesday (the last one for Windows XP and Office 2003) will see Microsoft roll out four fresh security updates, two rated Critical and two rated Important, targeting remote code execution vulnerabilities found in Windows, Office and Internet Explorer. One of the updates is set to resolve a Word bug that was made public last week (on March 24th) and is known to have been exploited in 'limited, targeted attacks directed at Microsoft Word 2010'.

The April patches will be made available next week on April 8th, at about 10:00 a.m. PDT. For a bit more info check out the Advance Notification published here.

This coming Tuesday Redmond-based Microsoft Corp. is planning to make available five fresh security updates - two with a 'Critical' rating and three tagged 'Important'. The incoming parches are set to address bugs found in Windows, Internet Explorer and Silverlight.

One of the Critical updates will fix an Internet Explorer issue that has already been acknowledged and was exploited in a 'limited number of attacks'. Additional information about Tuesday's releases can be found in the Security Bulletin Advance Notification published here.