Tag Archive for: intel

Security Roundup: Leak of Top-Secret US Intel Risks a New Wave of Mass Surveillance


US defense secretary Lloyd Austin on Thursday said he was considering “additional measures necessary to safeguard our nation’s secrets,” and he ordered a review of “our intelligence access, accountability, and control procedures within the department to inform our efforts to prevent this kind of incident from happening again.”

Hackers who claim to have breached data storage company Western Digital earlier this month say they are holding 10 terabytes of stolen data hostage and are ready to publish it unless the company pays a “minimum 8 figure” ransom, TechCrunch reports. 

An individual who says they carried out the hack spoke to TechCrunch on Thursday, claiming to have reams of customer information. While the hacker showed TechCrunch screenshots of internal emails and contact information of Western Digital’s employees, it’s still unclear exactly what data has been stolen.

“Cut the crap, get the money, and let’s both go our separate ways,” the hackers wrote in an email to several company executives. “Simply put, let us put our egos aside and work to find a resolution to this chaotic scenario.” 

A secretive Israeli spyware company’s hacking tools have been used to target politicians and journalists in at least 10 countries, according to research by Microsoft and the University of Toronto’s Citizen Lab made public Tuesday. 

The company, QuaDream, is a small, low-profile Israeli firm that develops smartphone hacking tools intended for government clients. The firm was established in 2016 by former employees of NSO Group, the maker of the Pegasus spyware.

The QuaDream spyware targeted older versions of Apple’s iOS phone software, and it worked by sending malicious calendar invites that would not be seen by the targets, researchers say.

According to the report, Citizen Lab has located QuaDream servers in Bulgaria, the Czech Republic, Hungary, Ghana, Israel, Mexico, Romania, Singapore, the United Arab Emirates, and Uzbekistan. 

WhatsApp has introduced a new security feature that makes it harder for scammers to steal users’ accounts. The feature will require individuals who download WhatsApp to a new device to use their old device to confirm their account….


Check Point teams with Intel for processor-level anti-ransomware security


Cybersecurity firm Check Point Software Technologies Ltd. has extended a collaboration with Intel Corp. to offer enhanced anti-ransomware capabilities for Check Point Harmony customers.

Under the collaboration, the Intel vPro platform’s threat detection technology will be available within Check Point Harmony Endpoint. The pairing provides enterprises with processor-level anti-ransomware security at both the hardware and software levels at no extra cost.

The problem being addressed is a well-known one: Cyber criminals are becoming more creative in their attacks. Check Point recorded a 42% global increase in cyberattacks in 2022, with ransomware identified as the No. 1 threat. The company argues that “prevention first” continues to be the best cybersecurity strategy because once an attack happens, it can be challenging to repair the damage to the victim and its reputation.

The integration sees Check Point Harmony Endpoint tap into Intel’s Threat Detection Technology, available on the Intel vPro platform, to employ artificial intelligence and machine learning. With the ability to use AI and machine learning, Harmony can analyze processor telemetry and recognize ransomware encryption commands early in the attack flow, raising the barrier against advanced threats, according to the companies.

Combined, the service strengthens prevention and security measures for customers, blocking endpoint threats with capabilities that identify, block and remediate the entire attack chain.

“The Intel vPro platform contains hardware-based security features, including Threat Detection Technology specifically designed to detect ransomware and other advanced threats,” Carla Rodríguez, vice president and general manager, Ecosystem Partner Enabling at Intel, said in a statement. “When paired with Check Point’s security solutions, customers can be confident knowing their endpoints are better protected at both the hardware and software layers.”

Check Point customers benefit from processor-level security that starts at the silicon level and provides anti-ransomware capabilities allowing for earlier prevention and expansive attack surface coverage.

Additional details,…


Stefanie Drysdale’s Weekly Cyber/Security Recap #149 – Friday, November 11, 2022



Researchers Devise New Speculative Execution Attacks Against Some Intel, AMD CPUs


Researchers at ETH Zurich have found a way to overcome a commonly used defense mechanism against so-called speculative execution attacks targeting modern microprocessors.

In a technical paper published this week, the researchers described how attackers could use their technique — dubbed “Retbleed” — to steal sensitive data from the memory of systems with Intel and AMD microprocessors that are vulnerable to the issue. The researchers built their proof-of-concept code for Linux but said some Windows and Apple computers with the affected microprocessors likely have the issue as well.

Their discovery prompted Intel and AMD to issue advisories this week describing mitigations against the new attack method. In an emailed statement, Intel said it had worked with industry partners, the Linux community, and Virtual Machine Manager (VMM) vendors to make mitigations available to customers. “Windows systems are not affected as they already have these mitigations by default,” Intel noted.

AMD said the issue the researchers had identified potentially allows arbitrary speculative code execution under certain microarchitecture conditions. “As part of its ongoing work to identify and respond to new potential security vulnerabilities, AMD is recommending software suppliers consider taking additional steps to help guard against Spectre-like attacks,” AMD said in an emailed statement. “That guidance is found in a new AMD whitepaper now available.”

Both chipmakers said they were not aware of any active exploits in the wild related to the issue that the researchers at ETH Zurich discovered and reported.

A Dangerous Attack Vector

Security researchers consider speculative execution attacks dangerous because they give attackers a way to access and steal sensitive data — including passwords and encryption keys — in a computer’s memory. It’s an issue that is especially of concern in shared environments such as public cloud services and shared enterprise infrastructure.

Speculative execution is a performance-enhancing mechanism in modern microprocessors where instructions in code are executed in advance of when they are needed, without waiting for previous instructions to be completed. The…
