A pair of new vulnerabilities has been found in the TPM 2.0 library by cybersecurity company Quarkslab, that has security experts worried, as both of the flaws have potential far reaching implications. The two vulnerabilities go under the CVE identifiers of CVE-2023-1017 and CVE-2023-1018, where the first one allows for out-of-bounds writes, whereas the second one enables out-of-bounds reads, also known as buffer overflow vulnerabilities. This in itself might not sound particularly concerning, but as both can be triggered from user-mode applications, they're a pretty big deal, as it would enable malicious commands to be sent to a TPM 2.0 module, which could in turn enable malicious software to be installed on the device with the TPM 2.0 module.

According to Quarkslab, billions of devices could be affected, as TPM 2.0 authentication modules are used in everything from servers to IoT devices and has been the main hardware-based crypto solution for almost a decade by now. The attacker using the vulnerabilities would have to know what they're doing to be able to take advantage of these two flaws in TPM 2.0, but as it relies on the TPM command interface, there's no easy way to protect against an attack, if someone has gained user access to the system in question. The Trusted Computing Group (TCG) which is in charge of the TPM standard, has already issued an errata which includes instructions on how to address the two vulnerabilities and we're like to see updates from all major hardware vendors as they see fit.

Fortinet, the global cybersecurity leader driving the convergence of networking and security, today announced FortiSP5, the latest breakthrough in ASIC technology from Fortinet, propelling major leaps forward in securing distributed network edges. Building on over 20 years of ASIC investment and innovation from Fortinet, FortiSP5 delivers significant secure computing power advantages over traditional CPU and network ASICs, lower cost and power consumption, the ability to enable new secure infrastructure across branch, campus, 5G, edge compute, operational technologies, and more.

"With the introduction of FortiSP5, Fortinet once again sets new industry records for performance, cost, and energy efficiency. As the only cybersecurity vendor leveraging purpose-built ASICs, an over 20-year investment in innovation, Fortinet delivers the secure computing power that will support the next generation of secure infrastructure." Ken Xie, Founder, Chairman of the Board, and Chief Executive Officer at Fortinet

The UEFI Secure Boot feature is designed to prevent malicious code from executing during the system boot process, and has been a cybersecurity staple since the late-2000s, when software support was introduced with Windows 8. Dawid Potocki, a New Zealand-based IT student and cybersecurity researcher, discovered that as many as 300 motherboard models by MSI have a faulty Secure Boot implementation with certain versions of their UEFI firmware, which allows just about any boot image to load. This is, however, localized to only certain UEFI firmware versions, that are released as beta versions.

Potocki stumbled upon this when he found that his PRO Z790-A WiFi motherboard failed to verify the cryptographic signature boot-time binaries at the time of system boot. "I have found that my firmware was… accepting every OS image I gave it, no matter if it was trusted or not." He then began examining other motherboard models, and discovered close to 300 MSI motherboard models with a broken Secure Boot implementation. He clarified that MSI laptops aren't affected, and only their desktop motherboards are. Potocki says that affected MSI motherboards have an "always execute" policy set for Secure Boot, which makes the mechanism worthless, and theorized a possible reason. "I suspect this is because they probably knew that Microsoft wouldn't approve of it and/or that they get less tickets about Secure Boot causing issues for their users."

BBT.live, the Tel Aviv-based startup that has developed an all-in-one, tech-agnostic, software-defined connectivity solution, has announced a new technology innovation powered by NVIDIA. As a result, BBT.live, the software-defined connectivity platform, will run on NVIDIA BlueField data processing units (DPUs) to unlock the benefits of cloud-based connectivity solutions to businesses at every scale.

Modern workloads are experiencing an ever-growing need for network efficiency, privacy, and security. Businesses and enterprises that depend on solutions require additional hardware and integration, which introduces additional complexity and points of failure. BBT.live's proprietary technology, recognized by the Israel Innovation Authority, is device agnostic. It integrates with a variety of different hardware platforms (uCPE) without the need for time-consuming customization.

After a thorough investigation and verification process, QNAP Systems, Inc. (QNAP) today addressed vulnerability CVE-2021-36260 of Hikvision cameras and provides the following recommendations to QVR Pro and QVR Elite users who may be potentially affected. According to the security advisory by Hikvision, if these cameras are installed in the same LAN network, and this network cannot be accessed externally, attackers will NOT be able to exploit this vulnerability.

Although this vulnerability does not directly influence QNAP surveillance products, it is highly recommended to update the firmware of the cameras listed in the advisory to reduce the possibility of being exposed to potential risks. These risks include, but is not limited to, failure to record from cameras that stop working, or receiving forged data from cameras.

Intel improves software reliability by building silicon enhancements realized through logic inside the processor. Today, the company described a new technique to complement existing software mitigations for fault injection attacks. Tunable Replica Circuit (TRC) - Fault Injection Protection uses hardware-based sensors to explicitly detect circuit-based timing failures that occur as the result of an attack. TRC is first delivered in the 12th Gen Intel Core processor family. It adds fault injection detection technology to the Intel Converged Security and Management Engine (Intel CSME), where it is designed to detect non-invasive physical glitch attacks on the pins supplying clock and voltage. TRC is also designed to detect electromagnetic fault injections.

"Software protections have hardened with virtualization, stack canaries and code authentication before execution," said Daniel Nemiroff, senior principal engineer at Intel. "This has driven malicious actors to turn their attention to physically attacking computing platforms. A favorite tool of these attackers is fault injection attacks via glitching voltage, clock pins and electromagnetic radiation that cause circuit timing faults and may allow execution of malicious instructions and potential exfiltration of secrets."

Even as the Russo-Ukrainian war continues grassing with no end in sight, Microsoft has warned that Russia is increasing its cyberwarfare-based attacks against Ukraine and the countries that have vowed to support it against external aggressions. The Redmond-based company says that Russia is increasing the rate and complexity of its attacks not only on government agencies, but also on supporting infrastructures such as think thanks, telecommunications, energy, and defense companies. Even humanitarian groups, which have been tirelessly providing Ukraine's population with the resources needed for bare survival, have been in the sights of the former Soviet Union.

All in all, Microsoft has registered attacks 102 organizations from as many as 42 countries. Microsoft's numbers place around 60% of the attacks against NATO members - with the US being one of the favorite targets. Poland too has been particularly affected, being one of the distribution centers for provisions - and a hub for refugees to leave the embattled country. Despite that, Microsoft says only around 29% of the attacks have been successful - likely a testament to both Russia's technological difficulties and the overall reinforced networks and cybersecurity defenses of NATO countries. Even so, resources spent fighting Russia's attacks have an opportunity cost - they can't be spent elsewhere.

L7 Defense Ltd., a pioneering developer of AI-based cybersecurity solutions, announced today that it has successfully completed the integration of its API security solution Ammune with the NVIDIA BlueField-2 SmartNIC. The integration elevates the Kubernetes nodes' security posture with maximum "zero trust" in-and-out traffic protection. Furthermore, it does not interfere with the day-to-day efficiency of serving applications. Installed on BlueField-2, the Ammune real-time AI workload is offloaded to the BlueField-2 DPU, reducing nodes' CPU usage for security to the essential minimum.

"Thanks to the successful integration, the server CPU utilization with the BlueField DPU was reduced by almost a factor of 8 in cases of high traffic analysis, in comparison to CPU utilization without the DPU," said Dr. Doron Chema, L7 Defense's CEO. "Ammune is a pure AI product. The real-time AI security agent is going to be further accelerated by more BlueField functionality. The Ammune analytical near-real-time AI unit will gain more acceleration with the NVIDIA Morpheus cybersecurity AI application framework in the near future."

In a joint effort to make the web more secure and usable for all, Apple, Google and Microsoft today announced plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. The new capability will allow websites and apps to offer consistent, secure, and easy passwordless sign-ins to consumers across devices and platforms. Password-only authentication is one of the biggest security problems on the web, and managing so many passwords is cumbersome for consumers, which often leads consumers to reuse the same ones across services. This practice can lead to costly account takeovers, data breaches, and even stolen identities. While password managers and legacy forms of two-factor authentication offer incremental improvements, there has been industry-wide collaboration to create sign-in technology that is more convenient and more secure.

The expanded standards-based capabilities will give websites and apps the ability to offer an end-to-end passwordless option. Users will sign in through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN. This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS.

Last week, NVIDIA systems were compromised by the attack of a hacking group called LAPSUS$. It has been a few days since the attack happened, and we managed to see source code of various software leaks through third-party anonymous tipsters and next-generation GPU codenames making an appearance. Today, NVIDIA issues a statement for the German PC enthusiast website Hardwareluxx, and we manage to see it below fully. The key takeaway from this quote is that NVIDIA believes that the compromised files will not impact the company's business in any meaningful manner, and operations continue as usual for NVIDIA's customers. The company's security team is analyzing the situation, and you can check out the complete statement below.

NVIDIA StatementOn February 23, 2022, NVIDIA became aware of a cybersecurity incident which impacted IT resources. Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement.

We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict. However, we are aware that the threat actor took employee credentials and some NVIDIA proprietary information from our systems and has begun leaking it online. Our team is working to analyze that information. We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident.

Security is a continuous process that we take very seriously at NVIDIA - and we invest in the protection and quality of our code and products daily.

IBM (NYSE: IBM) today announced the new IBM Power E1080 server, the first in a new family of servers based on the new IBM Power10 processor, designed specifically for hybrid cloud environments. The IBM Power10-equipped E1080 server is engineered to be one of the most secured server platforms and is designed to help clients operate a secured, frictionless hybrid cloud experience across their entire IT infrastructure.

The IBM Power E1080 server is launching at a critical time for IT. As organizations around the world continue to adapt to unpredictable changes in consumer behaviors and needs, they need a platform that can deliver their applications and insights securely where and when they need them. The IBM Institute of Business Value's 2021 CEO Study found that, of the 3,000 CEOs surveyed, 56% emphasized the need to enhance operational agility and flexibility when asked what they'll most aggressively pursue over the next two to three years.

TerraMaster, a professional brand that specializes in providing innovative storage products for home, businesses and enterprises, presents its comprehensive suite of cybersecurity features to provide excellent protection against all variants of ransomware, viruses, and other forms of cyberattack. There has been an increase in new variants of ransomware that specifically target NAS devices. TerraMaster continuously bolsters the suite of cybersecurity features on its NAS devices to provide effective protection even to the newest ransomware variants. TerraMaster has taken the necessary steps for help users avoid common pitfalls that are targeted by attackers. TerraMaster also provides the necessary security features to protect against cybersecurity attacks.

TerraMaster NAS users can get alert notifications for system events, power failures, and others. This helps managers in real-time monitoring even at home, ensuring that you are always up to date with the status of your TNAS. TerraMaster NAS device has disabled the default administrator account. This ensures users will create a new administrator account and set their own password at first use.

Perhaps the most controversial system requirement of the upcoming Windows 11 operating system is the need for a hardware trusted platform module that meets TPM 2.0 specs. Most modern computers fulfill this requirement using fTPM (firmware TPM) solutions built into their processors; and those that don't, have TPM headers for add-on TPMs, which scalpers have their eye on. It turns out, that Microsoft is designing special variants of Windows 11 for special contracts Microsoft will execute.

Computers sold under the scheme will be marked "special purpose systems," and the Windows 11 version running them will do away with the TPM 2.0 requirement. These systems are very likely to be Government or Military; or perhaps even variants Microsoft exports to countries like China and Russia, which have their own specialized cybersecurity policies and dictate software to be written a certain way to be sold in the country.

Kingston Digital, Inc., the flash memory affiliate of Kingston Technology Company, Inc., a world leader in memory products and technology solutions, is proud to announce it has won the following Global InfoSec Awards for its encrypted USB solutions family from Cyber Defense Magazine (CDM), the industry's leading electronic information magazine: Data Loss Prevention Market Leader; Encryption Market Leader; Wireless, Mobile, or Portable Device Security—Most Innovative.

Kingston is the market leader in encrypted USB drives featuring solutions that range from FIPS 197-certified encryption, all the way to the toughest FIPS 140-2 Level 3 IronKey S1000, that is armed with an on-device cryptochip to protect the most sensitive data. Kingston's encrypted drives are an important tool for the government and military, as well as organizations that adhere to strict regulations, including FIPS, HIPAA, Sarbanes-Oxley, GDPR and CCPA.

Phison Electronics Corp., a global leader in NAND flash controllers and a complete line of storage solutions, and Cigent Technology, Inc., the leader in embedded cybersecurity technology, today unveiled design details behind the partnership that has delivered the industry's first and only line of self-defending storage devices with cybersecurity built into the firmware itself to protect against ransomware, data theft and malicious insider theft.

Phison's innovative and robust NAND flash solutions support a broad range of applications including embedded, consumer, enterprise and automotive. The Phison Crypto-SSD is a line of TCG enabled Self-Encrypting Drives that are designed to pass FIPS 140-3 Level 2 certification. Phison is committed to data security which helps to protect business and government users against loss or theft. Phison's collaboration with Cigent expands the E12DC Crypto-SSD security architecture to add additional compute capabilities, attack detectors and sensors directly on the drive. Together with Cigent, Phison has created a product that raises the bar of data security to a whole new level.

Singapore cybersecurity firm Flexxon on Monday launched the world's first solid-state drive (SSD) embedded with artificial intelligence (AI) data security. As the "last line of defence" to protect data at the hardware level, the SSD is able to guard against both remote and physical attacks, boasting a range of features including temperature sensors to detect unusual movements that occur. In the event of such an incursion, the device - also known as X-PHY - will alert the user via email and lock itself to prevent any physical tampering. Users may then unlock the device via a dynamic authentication process. For clients with high security needs, such as the military, data may be automatically wiped should the device fall into the wrong hands.

Minister for Foreign Affairs and Minister-in-charge of Singapore's Smart Nation Initiative Vivian Balakrishnan said that the innovation was a "breakthrough" and a significant step in increasing security and safety for end users, having put AI into the firmware layer of an SSD. Congratulating Flexxon on its new product, Dr Balakrishnan - who was the guest-of-honour at the launch - also called on similar companies to include research institutes, universities and the private sector to enhance local research and development efforts in AI.

Dell notebooks and desktops dating all the way back since 2009—hundreds of millions of them the PC giant has shipped since—are vulnerable to unauthorized privilege escalation attacks, due to a faulty OEM driver the company uses to update the computer's BIOS or UEFI firmware, according to findings by cybersecurity researchers at SentinelLabs. "DBUtil," a driver that Dell machines load during automated or unattended BIOS/UEFI update processes initiated by the user from within the OS, is found to have vulnerabilities that malware can exploit to "escalate privileges from a non-administrator user to kernel mode privileges."

SentinelLabs chronicled its findings in CVE-2021-21551, which details five individual flaws. Two of these point out flaws that can escalate user privileges through controlled memory corruption, two with lack of input validation; and one with denial of service. Organizations that have remote updates enabled for their client machines are at risk, since the flaw can be exploited over network. "An attacker with access to an organization's network may also gain access to execute code on unpatched Dell systems and use this vulnerability to gain local elevation of privilege. Attackers can then leverage other techniques to pivot to the broader network, like lateral movement," writes SentielLabs in its paper.

QNAP Systems, Inc. (QNAP), a leading computing, networking and storage solution innovator, today issued a statement in response to recent user reports and media coverage that two types of ransomware (Qlocker and eCh0raix) are targeting QNAP NAS and encrypting users' data for ransom. QNAP strongly urges that all users immediately install the latest Malware Remover version and run a malware scan on QNAP NAS. The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. QNAP is urgently working on a solution to remove malware from infected devices.

QNAP has released an updated version of Malware Remover for operating systems such as QTS and QuTS hero to address the ransomware attack. If user data is encrypted or being encrypted, the NAS must not be shut down. Users should run a malware scan with the latest Malware Remover version immediately, and then contact QNAP Technical Support at this page.

OWC, the premier zero-emissions Mac and PC technology company, and a respected provider of Memory, External Drives, SSDs, Mac & PC docking solutions, and performance upgrade kits, announces partnership with Acronis, making Acronis True Image OEM software available on OWC storage solutions that include SoftRAID today and will consist of additional or all OWC storage solutions in the future. Integrating best-of-breed backup and recovery with AI-enhanced anti-ransomware technology, Acronis' solution ensures that a user's digital life is protected - photos, files, applications, operating systems, and the devices they're on.

Backing up and protecting data is critically important, yet too often the task falls to the bottom of the to-do list. Acronis True Image OEM is designed to complement a user's existing workflow. And with modern ransomware targeting backup files and processes, it is the world's first solution to unify backup and anti-ransomware capabilities in one to ensure data is protected from accidents, failures, and cyber attacks.

NVIDIA today introduced a new class of NVIDIA-Certified Systems, bringing AI within reach for organizations that run their applications on industry-standard enterprise data center infrastructure. These include high-volume enterprise servers from top manufacturers, which were announced in January and are now certified to run the NVIDIA AI Enterprise software suite—which is exclusively certified for VMware vSphere 7, the world's most widely used compute virtualization platform.

Further expanding the NVIDIA-Certified servers ecosystem is a new wave of systems featuring the NVIDIA A30 GPU for mainstream AI and data analytics and the NVIDIA A10 GPU for AI-enabled graphics, virtual workstations and mixed compute and graphics workloads, also announced today.

NVIDIA today announced the NVIDIA BlueField -3 DPU, its next-generation data processing unit, to deliver the most powerful software-defined networking, storage and cybersecurity acceleration capabilities available for data centers.

The first DPU built for AI and accelerated computing, BlueField-3 lets every enterprise deliver applications at any scale with industry-leading performance and data center security. It is optimized for multi-tenant, cloud-native environments, offering software-defined, hardware-accelerated networking, storage, security and management services at data-center scale.

Acer has reportedly been hit with a REvil ransomware attack covering financial spreadsheets, bank balances, and bank communications. The actors are demanding a 50 million USD ransom which is one of the highest amounts ever demanded in a breach of this type. Acer has not confirmed the report instead stating that they "reported recent abnormal situations" to the relevant authorities. Communication between REvil and Acer began on March 14th with the attackers demanding payment in XMR cryptocurrency via a Tor website in return for the decryptor, a vulnerability report, and the deletion of stolen files. The cause of the attack appears to be a vulnerability in Microsoft Exchange which has now been patched but was not updated by Acer. The group is demanding payment before March 28th or the price will double to 100 million USD.

NETGEAR, Inc., the worldwide leading provider of award-winning advanced mesh WiFi for home and office, has today announced the addition of a new tri-band mesh system to the family of Nighthawk Mesh - Nighthawk Tri-band Mesh WiFi 6 System (MK83). Providing powerful mesh WiFi 6, this latest offering from NETGEAR is designed to blanket the whole home with high-performance WiFi to manage more devices on the network and eliminate dead zones in every room of the house.

The powerful quad-core processor of the Nighthawk Tri-band Mesh WiFi 6 system delivers more processing power than WiFi 5, increasing the overall WiFi performance. This enables the mesh system to support the demands of today's homes from streaming, gaming, video conferencing for distance learning and remote work to powering the growth of smart home devices. Get immersed in UHD streaming and enjoy lag-free gaming with Nighthawk's combined WiFi speeds of up to 3.6Gbps that is more than capable of delivering up to Gigabit internet speeds throughout out the home. Newer WiFi 6 technology powers up to four times the performance and capacity of previous generation WiFi 5 (802.11ac) but still provides 100% backwards compatibility to earlier generations of WiFi devices (802.11a/b/g/n/ac) so all devices can connect at top speeds.

NETGEAR, Inc. (NASDAQ: NTGR), the worldwide leading provider of award-winning advanced networking products for home and office has today announced, during the historic virtually-hosted CES 2021, the introduction of the world's first all-purpose WiFi 6E router, the Nighthawk RAXE500 Tri-band WiFi router. Promised to elevate the WiFi experience by providing speeds up to 10.8Gbps, this latest addition to the Nighthawk line of performance routers ushers in a new era of fast connectivity on the new 6Ghz band, free of interference and congestion.

Working, learning, and video streaming from home has placed greater demands on home WiFi networks. Devices in these ultra-connected households have been in a constant contest for bandwidth on crowded WiFi networks. WiFi 6E resolves these congestion issues by adding previously unavailable 6GHz WiFi spectrum that can be used to broadcast WiFi signals and connect to more devices with faster speeds and reliability. Up until the introduction of WiFi 6E, WiFi routers have been limited to the 2.4GHz and 5GHz bands. The new third 6GHz band will dramatically increase the capacity of networks to support more devices.

Intel today unveiled the suite of new security features for the upcoming 3rd generation Intel Xeon Scalable platform, code-named "Ice Lake." Intel is doubling down on its Security First Pledge, bringing its pioneering and proven Intel Software Guard Extension (Intel SGX) to the full spectrum of Ice Lake platforms, along with new features that include Intel Total Memory Encryption (Intel TME), Intel Platform Firmware Resilience (Intel PFR) and new cryptographic accelerators to strengthen the platform and improve the overall confidentiality and integrity of data.

Data is a critical asset both in terms of the business value it may yield and the personal information that must be protected, so cybersecurity is a top concern. The security features in Ice Lake enable Intel's customers to develop solutions that help improve their security posture and reduce risks related to privacy and compliance, such as regulated data in financial services and healthcare.