Security News

Forget the infamous Meltdown and Spectre chip flaws from 2018, the problem that's tying down Intel's patching team these days is a more recent class of side channel vulnerabilities known collectively as ZombieLoad. These relate to a data leakage problem called Microarchitectural Data Sampling affecting Intel's speculative execution technology introduced in the late 1990s to improve chip performance. ZombieLoad was originally made public by researchers last May as part of a triplet of hypothetical issues which included two others, Fallout and Rogue In-Flight Data Load, affecting post-2011 Intel processors.

A US state that was struck by a ransomware attack last year is now proposing a local law that would ban possession of malicious software. Local news website the Baltimore Fishbowl reported that Maryland's Senate heard arguments on Senate Bill SB0030, a proposition that would "Label the possession and intent to use ransomware in a malicious manner as a misdemeanor" punishable with up to 10 years in prison and/or a $10,000 fine.

Hackers who may have ties to Iran have recently turned their attention to the European energy sector, using open source tools to target one firm's network as part of an cyberespionage operation, according to the security firm Recorded Future. The precise goal of the campaign that the Recorded Future analysts describe in a report released Thursday is not clear, although other studies have found that several Iranian-backed advanced persistent threat groups have targeted U.S. and European businesses connected to the energy sector over the last several years - before the tensions between the U.S. and Iran recently heated up.

Researchers who took part this week in the Zero Day Initiative's Pwn2Own Miami hacking competition have earned a total of $280,000 for exploits targeting industrial control systems and associated protocols. The teams and individuals who signed up for the hacking contest were Incite Team, Flashback Team, Claroty Research, Ben McBride, Fabius Artrel, Michael Stepankin, Lucas Georges, and a nameless team comprising Tobias Scharnowski, Niklas Breitfeld, and Ali Abbasi from the Horst Goertz Institute for IT-Security in Germany.

Paying off hackers after a ransomware infection could end up being a total loss, according to a study released Thursday which finds some attackers just take the money and run. A survey by researchers at the security firm Proofpoint found that 33 percent of organizations infected with ransomware opted to pay the ransom.

Trend Micro announced the results of research featuring a honeypot imitating an industrial factory. The highly sophisticated Operational Technology honeypot attracted fraud and financially motivated exploits.

A day after the U.S. National Security Agency disclosed a vulnerability that could affect the cryptographic operations in some versions of Microsoft Windows, security researchers started releasing "Proof of concept" code to show how attackers potentially could exploit the flaw. The vulnerability affects versions of Windows 10 as well as Windows Server 2016 and 2019.

Saleem Rashid shows that a patch for a security bug in Windows 10 and Windows Server 2016/2019 could be exploited in the real world to spoof security certificates on machines without the patch. This week Microsoft was forced to quickly patch a security bug in Windows 10 and Windows Server 2016/2019 that could have allowed attackers to spoof legitimate security certificates as a way of gaining control of an infected PC. Microsoft was prompted to act after the NSA discovered and privately reported the bug, which was evidence of a serious flaw in the way the latest versions of Windows and Windows Server check the validity of certain security certificates.

Saleem Rashid shows that a patch for a security bug in Windows 10 and Windows Server 2016/2019 could be exploited in the real world to spoof security certificates on machines without the patch. This week Microsoft was forced to quickly patch a security bug in Windows 10 and Windows Server 2016/2019 that could have allowed attackers to spoof legitimate security certificates as a way of gaining control of an infected PC. Microsoft was prompted to act after the NSA discovered and privately reported the bug, which was evidence of a serious flaw in the way the latest versions of Windows and Windows Server check the validity of certain security certificates.

Google Project Zero security researchers have published technical details on an iMessage vulnerability addressed last year, which could be exploited remotely to achieve arbitrary code execution. Tracked as CVE-2019-8641, the vulnerability is considered Critical, featuring a CVSS score of 9.8, and was discovered by Google Project Zero security researchers Samuel Groß and Natalie Silvanovich.