Security News
All defenses against Spectre side-channel attacks can now be considered broken, leaving billions of computers and other devices just as vulnerable today as they were when the hardware flaw was first announced. A paper published on Friday by a team of computer scientists from the University of Virginia and the University of California, San Diego, describes how all modern AMD and Intel chips with micro-op caches are vulnerable to this new line of attack, given that it breaks all defenses.
A previously undocumented backdoor malware, dubbed PortDoor, is being used by a probable Chinese advanced persistent threat actor to target the Russian defense sector, according to researchers. The malware then creates an additional file in %temp% with the hardcoded name "58097616.tmp" and writes the GetTickCount value multiplied by a random number to it: "This can be used as an additional identifier for the target, and also as a placeholder for the previous presence of this malware," researchers explained.
Researchers at Cybereason say they have discovered an undocumented malware targeting the Russian military sector and bearing the hallmarks of originating in China, if not being Chinese state-sponsored. One sample was found dropping previously unknown malware that the Cybereason researchers have now called PortDoor.
Apple patched a zero-day vulnerability in macOS that can bypass critical anti-malware capabilities and which a variant of the notorious Mac threat Shlayer adware dropper already has been exploiting for several months. Security researcher Cedric Owens first discovered the vulnerability, tracked as CVE-2021-30657 and patched in macOS 11.3, an update dropped by Apple on Monday.
Source Defense announced its partnership with Prevalent to identify threats and protect online businesses against automated and client-side attacks exploiting third-party code and website access. To improve visibility into these risks, Source Defense identifies and analyzes the areas targeted by client-side threats and open-source risks.
Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised by China via vulnerabilities in their Pulse Connect Secure VPN appliances - including a zero-day flaw that won't be patched until next month. On Tuesday, IT software supplier Ivanti, the parent of Pulse Secure, issued a wake-up call to its customers by revealing it looks as though select clients were compromised via their encrypted gateways.
Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure SSL VPN appliance actively exploited in attacks against worldwide organizations and focused on US Defense Industrial base networks. To mitigate the vulnerability tracked as CVE-2021-22893, Pulse Secure advises customers with gateways running PCS 9.0R3 and higher to upgrade the server software to the 9.1R.11.
Panasonic TOUGHBOOK 55 integrates Viasat Eclypt hard drives to protect data for the defense industry
Panasonic announced its modular TOUGHBOOK 55 notebook is now available for the defense industry with an integrated Eclypt Core Encrypted Internal Hard Drive from global communications company, Viasat. The Panasonic TOUGHBOOK 55 sets a new standard for rugged mobile computing with users able to customise their device for different tasks while in the field.
The highest-ranked officer in India's armed forces has admitted that China has cyber-war capabilities that can overwhelm his nation's defenses and suggested that only cross-forces collaboration will get India to parity with its giant neighbor. General Bipin Rawat, a four-star general and since 2020 the first to hold a new role of chief of defense staff, offered that assessment yesterday in a talk hosted by Indian think tank the Vivekananda International Foundation.
One solution to the dilemma of using different security defenses is to look for one company that provides everything to replace existing security defenses. To exemplify the idea of centralized cybersecurity, Cyrebro has designed a security solution that unifies all of the security tools of an organization to make it easier to track security events, proactively deal with cyber threat intelligence, and ensure a rapid incident response.