Security News

The Czech Republic's intelligence agency said Tuesday Russian and Chinese spies posed an imminent threat to the EU member's security and other key interests last year. All Russian intelligence services were active on Czech territory in 2019.

A massive Intel security update this month addresses flaws across a myriad of products - most notably, critical bugs that can be exploited by unauthenticated cybercriminals in order to gain escalated privileges. These critical flaws exist in products related to Wireless Bluetooth - including various Intel Wi-Fi modules and wireless network adapters - as well as in its remote out-of-band management tool, Active Management Technology.

An international team of security researchers is presenting new side-channel attacks, which use fluctuations in software power consumption to access sensitive data on Intel CPUs. Power side-channel attacks are attacks that exploit fluctuations in power consumption to extract sensitive data such as cryptographic keys.

Boffins based in Austria, Germany, and the UK have identified yet another data-leaking side-channel flaw affecting Intel processors, and potentially other chips, that exposes cryptographic secrets in memory. The paper describes a way to extract confidential data from devices by measuring power consumption fluctuations in Intel chips from Sandy Bridge onward using just software and without the need to physically wire instruments to machines.

Microsoft has released a new batch of Intel microcode updates for Windows 10 20H2, 2004, 1909, and older versions to fix new hardware vulnerabilities discovered in Intel CPUs. When Intel finds bugs in their CPUs, they release microcode updates that allow operating systems to patch the behavior of the CPU to fix, or at least mitigate, the bug.

Intel on Wednesday talked up a set of security features planned for its promised third-generation Xeon Scalable Processors, code-named Ice Lake, which are supposed to show up before the end of the year. The chip biz said it's "Doubling down on its Security First Pledge," as if some sort of quantitative measurement of security could be calculated and weighed against prior security commitments.

One such feature is called Intel Total Memory Encryption, which Intel said helps ensure that all memory accessed from the CPU is encrypted - such as customer credentials, encryption keys and other IP or personal information on the external memory bus. The Intel Platform Firmware Resilience will be part of the Xeon Scalable platform, which Intel claims will help protect against platform firmware attacks by detecting them before they can compromise or disable the machine.

Google and Intel are warning of a high-severity flaw in BlueZ, the Linux Bluetooth protocol stack that provides support for core Bluetooth layers and protocols to Linux-based internet of things devices. According to Google, the vulnerability affects users of Linux kernel versions before 5.9 that support BlueZ. BlueZ, which is an open-source project distributed under GNU General Public License, features the BlueZ kernel that has been part of the official Linux kernel since version 2.4.6.

Intel on Wednesday announced the new security technologies that will be present in the company's upcoming 3rd generation Xeon Scalable processor, code-named "Ice Lake.". "Protecting data is essential to extracting value from it, and with the capabilities in the upcoming 3rd Gen Xeon Scalable platform, we will help our customers solve their toughest data challenges while improving data confidentiality and integrity. This extends our long history of partnering across the ecosystem to drive security innovations," said Lisa Spelman, corporate VP of the Data Platform Group and GM of the Xeon and Memory Group at Intel.

Intel unveiled the suite of new security features for the upcoming 3rd generation Intel Xeon Scalable platform, code-named "Ice Lake.". Intel is doubling down on its Security First Pledge, bringing its pioneering and proven Intel Software Guard Extension to the full spectrum of Ice Lake platforms, along with new features that include Intel Total Memory Encryption, Intel Platform Firmware Resilience and new cryptographic accelerators to strengthen the platform and improve the overall confidentiality and integrity of data.