Security News

Apple's brand new Mac has a security hole, right inside the processor itself! The vulnerability is baked into Apple Silicon chips, and cannot be fixed without a new silicon revision.

Apple's Arm-based M1 chip, much ballyhooed for its performance, contains a design flaw that can be exploited to allow different processes to quietly communicate with one another, in violation of operating system security principles. Martin has published a proof-of-concept script to demonstrate how to read and write data to the overly talkative system register and a proof-of-concept script for setting up a covert channel on an M1 system.

Cybersecurity researchers have disclosed a new security vulnerability in Qualcomm's mobile station modems that could potentially allow an attacker to leverage the underlying Android operating system to slip malicious code into mobile phones, undetected. Designed since the 1990s, Qualcomm MSM chips allows mobile phones to connect to cellular networks and allow Android to take to the chip's processor via the Qualcomm MSM Interface, a proprietary protocol that enables the communication between the software components in the MSM and other peripheral subsystems on the device such as cameras and fingerprint scanners.

IBM unveiled a breakthrough in semiconductor design and process with the development of the world's first chip announced with 2 nanometer nanosheet technology. IBM's new 2 nm chip technology helps advance the state-of-the-art in the semiconductor industry, addressing this growing demand.

A vulnerability in a 5G modem data service could allow mobile hackers to remotely target Android users by injecting malicious code into a phone's modem - gaining the ability to execute code, access mobile users' call histories and text messages, and eavesdrop on phone calls. That's according to Check Point Research, which said that the bug exists in the Qualcomm Mobile Station Modem Interface, which is known as QMI for short.

Billions of Android devices are exposed to a vulnerability in Qualcomm's Mobile Station Modem chip. A vulnerability in Qualcomm's Mobile Station Modem chip- installed in around 30% of the world's mobile devices - can be exploited from within Android.

In a research report published Thursday, cyber threat intelligence provider Check Point Research revealed certain details on a flaw it identified in 2020 in Qualcomm mobile station modem chips, including ones used in 5G devices. Mobile phone makers must apply the patch and roll out the fix to users, which means that any device not yet updated would still be vulnerable.

Version 90 of Google's Chrome browser includes a bit of extra security for users of recent versions of Windows and the latest x86 processors, in the form of hardware-enforced stack protection. This basically means that, if your PC supports it, it's a bit harder for malicious websites to exploit bugs in Chrome to hijack your computer.

Apple's latest macOS updates patch three vulnerabilities that can be exploited to bypass security mechanisms, including one that has been exploited in the wild and one that impacts only Macs powered by the M1 chip. It was reported earlier this week that one of the security holes patched in macOS Big Sur and Catalina has been exploited by a piece of malware known as Shlayer to bypass security mechanisms designed by Apple to protect users against malicious files downloaded from the internet, specifically file quarantine, Gatekeeper and notarization.

An increasing number of Mac malware developers have started creating variants that are specifically designed to run on devices powered by Apple's M1 chip. Apple unveiled its M1 system-on-chip in November 2020 and the first malware created specifically for systems with the arm64 CPU architecture used by the M1 was apparently created in December.