Tag Archive for: arm

Hackers hit Wall Street arm of Chinese banking giant ICBC

/in


Bank of America Chairman and CEO Brian Moynihan analyzes Q3 earnings, the Fed’s rate campaign, consumer spending, the state of small business and the macroeconomic landscape.

A U.S. subsidiary of China’s biggest bank was hacked this week, threatening a temporary logjam for some trades in the Treasury bond market.

ICBC Financial Services, a New York-based entity owned by the Industrial and Commercial Bank of China, was the victim of a ransomware attack on Wednesday. The unit largely focuses on clearing, which means ensuring that transactions previously agreed by traders go through, and on lending and borrowing through repurchase agreements—a form of collateralized funding that forms a vital part of the financial system. 

CYBERATTACK OF MAJOR MORTGAGE SERVICER LEAVES CUSTOMERS WITHOUT ONLINE PAYMENT OPTION

The company was forced to disconnect and isolate some of its I.T. systems after the attack. But it said it was able to clear all trades involving U.S. Treasurys that were executed on Wednesday, and repo financing that took place on Thursday.

Josh Birenbaum, deputy director for the Center on Economic and Financial Power at the Foundation for Defense of Democracies, discusses why trading partners find it increasingly difficult to do business in and with Beijing.

The incident shines a spotlight on the financial connections between China and the U.S., which persist despite political tensions and economic rivalry between the two countries. Chinese institutions hold more than $800 billion of Treasury bonds, even after a yearslong reduction in their holdings, and the country’s biggest banks are active in the U.S. government-bond market.

BOEING LOOKING INTO HACKING GANG’S RANSOMWARE THREAT

ICBC Financial Services forms part of the plumbing of the U.S. Treasury market as a member of the government-securities division of the Fixed Income Clearing Corporation. The FICC clears all trades in government bonds among members, which include household names such as Goldman Sachs and JPMorgan Chase, as well as smaller interdealer brokers.

SlateStone Wealth chief market strategist Kenny Polcari joined ‘Varney & Co.’ to discuss the U.S. economy, arguing that Treasury yields are…

Source…

Israeli Cybersecurity Firm Pentera Launches Cyber Research Arm

/in


Automated security validation firm Pentera, announced last week the launch of its new research arm Pentera Labs to actively monitor threat intelligence feeds, pinpoint new critical vulnerabilities, and the latest adversarial attack strategies. 

Pentera Labs serves as the research powerhouse behind Pentera’s automated security validation platform.

The company has also made its recent publications regarding newest cyber attack tactics available to any cybersecurity firm looking to improve their identification and analysis capabilities. Pentera’s findings are made accessible via its security platform to which subscribers can learn from and update their cyber security protocols accordingly.   

Pentera Labs went on to submit new attack techniques to the MITRE ATT&CK framework, and subsequently became an official contributor to the globally-accessible knowledge base of adversary tactics and techniques.

Founded in 2015, Pentera runs a network penetration testing platform engineered to analyze and reduce cybersecurity risk to corporate enterprises around the world in multiple geographic markets. The automated platform is operated remotely in both the cloud and on company premises to detect, assess, and apply remediation efforts on breachable vulnerabilities. In fact, Pentera Labs recently identified and publicly disclosed two zero-day vulnerabilities in VMWare vCenter, quite possibly exposing more than 500,000 organizations worldwide. 

“Every day, Pentera Labs’ research team steps into an adversary’s mindset to safely probe the security controls protecting top enterprises,” said Alex Spivakovsky, VP of Research at Pentera Labs. “Pentera Labs’ findings are fueling the engine that powers the Pentera platform with research-based threat intelligence, providing our customers with the latest information on real-world vulnerabilities and attack techniques. By sharing Pentera Labs’ research with the greater security community, we are proud to be helping security practitioners all around the globe efficiently detect and remediate threats and security gaps before they are exploited.”

Source…

10 companies to test next generation cybersecurity technologies from the University of Cambridge and Arm

/in


The UK authority on advanced digital technology, Digital Catapult, has given 10 companies the opportunity to trial and experiment with potentially game-changing prototype cybersecurity technology through its Digital Security by Design Technology Access Programme.

It is estimated that if implemented, this cybersecurity technology could help stop around two thirds of hacks, cyber attacks and data breaches. The new technology has been co-developed by University of Cambridge researchers (with colleagues at SRI International) in collaboration with Arm.

The Cambridge-SRI research team has redesigned the architecture of a computer’s central processing unit – its brain – to make it less vulnerable to cybersecurity breaches. This new architecture is called CHERI.

Arm has been collaborating with the Cambridge researchers to integrate CHERI into the Arm® architecture since 2014 and has this year launched a prototype system on chip and demonstrator board, containing the prototype architecture, known as Morello. These Morello boards are now being made available to industry for testing.

The Technology Access Programme is part of Digital Security by Design: an initiative supported by the UK government to transform digital technology and create a more resilient, and secure foundation for a safer future. Digital Security by Design is supported by a consortium of world-leading technology industry partners, academics and research institutions, including Arm, University of Cambridge, Google, Thales, University of Edinburgh, Hewlett Packard, University of Oxford, Innovate UK, Microsoft, University of Manchester, Linaro, King’s College London and the National Cyber Security Centre (NCSC).

For six months participating companies will have access to the CHERI-enabled Morello prototype board, technical guides and support. The chosen UK-based companies can test and evaluate these technologies within their own businesses and provide findings back to the programme that could influence the design of future, more secure computer systems.

These companies will have access to the technologies as well as up to £15,000 in funding…

Source…

Microchip introduces Arm Cortex-M23 based microcontroller

/in


Security threats are growing in complexity and causing product development challenges in the Internet of Things (IoT), consumer, industrial, medical and other markets. It is imperative that these products have strong embedded security while also offering low power consumption for longer battery life.

Microchip Technology released a microcontroller (MCU) to combine a secure subsystem and Arm TrustZone technology in a single package.

The PIC32CM LS60, which integrates Microchip’s Trust Platform secure subsystem, makes it easier to develop end products using one microcontroller rather than two or more semiconductor chips. Now, designers can go to one trusted source to find a 32-bit MCU that is designed to protect products and the end user from remote or physical attacks on their smart home devices, smartphone or tablet accessories, portable medical devices, wearables, connected appliances and industrial robots.

As the IoT industry continues to grow rapidly, the need for the edge devices to be secured with high standards of protection has become essential. The PIC32CM LS60, with its combination of easy-to-use Arm TrustZone technology and the Common Criteria Joint Interpretation Library (JIL) “high” rated Trust Platform secure subsystem, enables developers to implement industry-proven security practices and countermeasures to protect against a wide class of known remote and physical attacks.

These types of designs are supported with tools such as MPLAB Code Configurator (MCC) TrustZone Manager and the Trust Platform Design Suite to simplify the configuration of the secure subsystem. The Microchip Trust Platform provisioning service is available to securely provision keys and certificates.

“With its integration of Arm TrustZone technology and Microchip’s secure subsystem in one package, the PIC32CM LS60 is an offering that the market hasn’t seen before,” said Rod Drake vice president of Microchip Technology’s 32-bit MCU business unit. “We believe this MCU’s security, ease of use and low-power operation will be a powerful shift in implementing advanced security technology in IoT applications.”

With the increased adoption of touch capabilities in…

Source…