Security News
It cannot be fixed without replacing the silicon, only mitigated, it is claimed: the design flaw is baked into millions of Intel processor chipsets manufactured over the past five years. Buried deep inside modern Intel chipsets is what's called the Management Engine, or these days, the Converged Security and Manageability Engine.
Garrison is using ARM processor chips to create a hardware defense against data breaches and malware. Instead of relying on endpoint protection or user training to improve security, the UK-based security company Garrison wants to use hardware to prevent malware infections and data breaches.
The vulnerability exists in Wi-Fi chips made by Cypress Semiconductor and Broadcom, the latter a chipmaker Cypress acquired in 2016. The affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, and Wi-Fi routers from Asus and Huawei, as well as the Raspberry Pi 3.
Jetico, long-trusted pioneer in data encryption, announced support for Mac computers with a T2 security chip. With this update, BestCrypt Volume Encryption - Enterprise Edition becomes the industry's most comprehensive enterprise encryption software for Windows and macOS. "Native OS encryption tools might be an easy way to get started with data protection. Yet there's a critical limitation. Their security is bound to only some versions of a single operating system," states Jetico CEO, Michael Waksman.
To combat supply chain counterfeiting, which can cost companies billions of dollars annually, MIT researchers have invented a cryptographic ID tag that's small enough to fit on virtually any product and verify its authenticity. Wireless ID tags are becoming increasingly popular for authenticating assets as they change hands at each checkpoint.
More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still having an impact on the modern encryption debate. Known as Clipper, the encryption chipset developed and championed by the US government only lasted a few years, from 1993 to 1996.
Hackers may be able to remotely take complete control of cable modems from various manufacturers due to a critical vulnerability affecting a middleware component shipped with some Broadcom chips. They've reproduced the attack on ten cable modems from Sagemcom, Netgear, Technicolor and COMPAL, but other manufacturers also likely use the Broadcom chip containing the vulnerability.
Back in 2012, the same year America's National Institute of Standards Technology advised against using SHA-1 for applications that require collision resistance, cryptographer Bruce Schneier estimated that the cloud computing bill for carrying out a SHA-1 attack would be about $2.77m. And he projected the cost would fall to about $43,000 by 2021. In their paper, Leurent and Peyrin put the theoretical cost at $11,000 for a SHA-1 collision and $45,000 for a chosen-prefix collision.
A newly disclosed attack method targeting Intel processors employs voltage modifications to expose data protected using Intel's Software Guard Extensions (SGX). read more
A newly disclosed attack targeting Intel processors utilizes CPU voltage modifications to expose data stored using Intel's Secure Guard Extensions (SGX). read more