Security News

In a research report published Thursday, cyber threat intelligence provider Check Point Research revealed certain details on a flaw it identified in 2020 in Qualcomm mobile station modem chips, including ones used in 5G devices. Mobile phone makers must apply the patch and roll out the fix to users, which means that any device not yet updated would still be vulnerable.

Version 90 of Google's Chrome browser includes a bit of extra security for users of recent versions of Windows and the latest x86 processors, in the form of hardware-enforced stack protection. This basically means that, if your PC supports it, it's a bit harder for malicious websites to exploit bugs in Chrome to hijack your computer.

Apple's latest macOS updates patch three vulnerabilities that can be exploited to bypass security mechanisms, including one that has been exploited in the wild and one that impacts only Macs powered by the M1 chip. It was reported earlier this week that one of the security holes patched in macOS Big Sur and Catalina has been exploited by a piece of malware known as Shlayer to bypass security mechanisms designed by Apple to protect users against malicious files downloaded from the internet, specifically file quarantine, Gatekeeper and notarization.

An increasing number of Mac malware developers have started creating variants that are specifically designed to run on devices powered by Apple's M1 chip. Apple unveiled its M1 system-on-chip in November 2020 and the first malware created specifically for systems with the arm64 CPU architecture used by the M1 was apparently created in December.

A team of researchers from universities in the United States, Australia and Israel has demonstrated that attackers could launch browser-based side-channel attacks that do not require JavaScript, and they've tested the method on a wide range of platforms, including devices that use Apple's recently introduced M1 chip. The researchers - representing the Ben-Gurion University of the Negev, the University of Michigan and the University of Adelaide - have published a paper on what they have described as the first browser side-channel attack that uses only CSS and HTML, and works even if JavaScript is completely disabled.

A new AI-powered Google Chrome extension will automatically turn on YouTube extensions if it detects you are eating noisy chips. I doubt few people have not experienced hearing a movie, TV show, or video while someone next to you is loudly eating chips.

"Even though these new Nvidia drivers will halve the earning rate of the cybercriminals, the crooks aren't paying for the electricity, so any unlawfully mined crypto-coins are still essentially free money for them." "In the early days, it was possible to mine Bitcoin using the average computer CPU or a high-speed video processor card; however, today, mining for Bitcoin requires dedicated Bitcoin mining hardware to make it a profitable endeavor," according to the report.

Virtually all payment card terminals at self-checkout lanes now accept cards with a chip to be inserted into the machine. Most modern chip-based cards are significantly thinner than the average payment card was just a few years ago, but the design specifications for these terminals state that they must be able to allow the use of older, taller cards - such as those that still include embossing.

One of the first malware samples tailored to run natively on Apple's M1 chips has been discovered, suggesting a new development that indicates that bad actors have begun adapting malicious software to target the company's latest generation of Macs powered by its own processors. While the transition to Apple silicon has necessitated developers to build new versions of their apps to ensure better performance and compatibility, malware authors are now undertaking similar steps to build malware that are capable of executing natively on Apple's new M1 systems, according to macOS Security researcher Patrick Wardle.

A researcher has spotted the first piece of Mac malware that appears to have been created specifically for devices with Apple's recently introduced M1 chip. Wardle has developed several free and open source security tools for Macs, and came up with the idea to look for malware designed to run natively on M1 systems while rebuilding his tools for native M1 compatibility.