Security News
Enterprise security teams need to move from the consumption of crowdsourced threat intelligence to an additional mode of contribution. We are a community with grand ideas around the concept of crowdsourced threat intelligence, but with little history or previous successes that show CTI as a viable idea.
Intel 471 announced the appointment of Ms. Yang Cao as the company's senior regional director, Asia-Pacific. "We've seen tremendous traction in APAC, especially over the last year. To help better serve this growing market, we are allocating more in-country staff to provide greater support for our customers and partners there and will continue to invest in the region," said CEO Mark Arena at Intel 471.
The threat actor is Charming Kitten - aka a number of names, including TA453, APT35, Ajax Security Team, NewsBeef, Newscaster and Phosphorus. Operation SpoofedScholars shows TTPs that are also similar to previous TA453 campaigns and "Consistency with TA453's historical targeting," the analysts wrote, including using free email providers to spoof individuals familiar to their targets.
The Colonial Pipeline ransomware attack put a glaring spotlight on the ransomware scourge - and, in particular, on the rise of ransomware-as-a-service. The CryptoLocker ransomware attack was propagated by infected email attachments and via the Gameover Zeus botnet.
A year later, in 2014, Intel was forced to turn TSX off in Haswell and selected Broadwell chips after an erratum was disclosed allowing for "Unpredictable system behaviour" - exactly the opposite of what you want in your database-centric server system. It would now appear that Intel plans to throw in the towel, as brought to our attention in a scan of the latest changes to the Linux kernel by Phoronix: Intel has released a microcode update which disables TSX on processors ranging from the Broadwell successor Skylake through to Coffee Lake parts released starting in 2017.
Microsoft announced today that they might lower the Windows 11 system requirements to allow Intel 7th generation and AMD Zen 1 CPUs to use the new operating system. Even if your hardware had no problems running Windows 10, Microsoft decided only to allow Intel 8th generation, AMD Zen 2, and Qualcomm 7 and 8 Series processors to be compatible with Windows 11.
The Recorded Future co-founder and CEO this week unveiled The Intelligence Fund, an in-house initiative that sets aside $20 million to invest in seed-stage and Series A startups in the nascent threat-intelligence space. Flush with cash from its own $780 million sale to private equity firm Insight Partners, Ahlberg says Recorded Future wants to make early bets on entrepreneurs taking new approaches to collecting and parsing data to feed into security intelligence tools.
Intel has unleashed 29 security advisories to plug up some serious bugs in the BIOS firmware for Intel processors, as well as in its Bluetooth products, Active Management Technology tools, the NUC Mini PC line, and, ironically, in its own security library. "Forty of those, or 55 percent, were found internally through our own proactive security research. Of the remaining 33 CVEs being addressed, 29, or 40 percent, were reported through our bug-bounty program. Overall, 95 percent of the issues being addressed today are the result of our ongoing investments in security assurance, which is consistent with our 2020 Product Security Report."
Intel this week announced the availability of patches for 73 vulnerabilities identified across multiple products, including several high-severity flaws that can be exploited to escalate privileges. The most severe of the newly addressed flaws is a high-severity incomplete cleanup issue in Intel VT-d products that could allow an authenticated user to enable escalation of privilege via local access.
Intel has pushed out a raft of security advisories for June, bringing its total discovered "Potential vulnerabilities" for the year to date to 132, only a quarter of which were reported by external contributors and the company's bug bounty programme. "Today we released 29 security advisories addressing 73 vulnerabilities," Intel's Jerry Bryant said of the company's latest updates.