Security News

Why MDS vulnerabilities present a threat as serious as Spectre and Meltdown
2019-05-15 18:00

Microarchitectural Data Sampling are CPU side-channel vulnerabilities that allow attackers to view in-flight data from CPU-internal buffers. Learn more about MDS attacks in this comprehensive guide.

Intel CPUs Impacted By New Class of Spectre-Like Attacks
2019-05-14 18:01

Intel has disclosed a new class of speculative execution side channel attacks.

Perpetual 'Meltdown': Security in the Post-Spectre Era
2019-03-28 17:18

SonicWall's Bill Conner on Side-Channel Attacks and Other Emerging ThreatsThe information security world has been beset by the emergence of multiple side-channel attacks, including Meltdown,...

Microsoft Rolls Out Spectre Variant 2 Mitigations for Windows 10
2019-03-04 18:37

Over the weekend, Microsoft started rolling out a new software update for Windows 10 devices to enable the Retpoline mitigations against Spectre attacks.  read more

WannaCry-hero Hutchins' trial date set, Microsoft readies Google's Spectre V2 fix for Windows 10, Coinhive axed, and more
2019-03-02 11:14

PS: Update Adobe ColdFusion, Cisco WebEx Meetings, Nvidia drivers with security fixes Roundup Here's your weekend rapid-fire roundup of infosec news, ahead of next week's RSA Conference, beyond...

Ready for another fright? Spectre flaws in today's computer chips can be exploited to hide, run stealthy malware
2019-02-27 06:08

Honey, I've shrunk the spyware and concealed it with speculative execution Spectre – the security vulnerabilities in modern CPUs' speculative execution engines that can be exploited to steal...

Google: Software is never going to be able to fix Spectre-type bugs
2019-02-23 17:30

Researchers also devise a Spectre-like attack with no known mitigation.

Data-spewing Spectre chip flaws can't be killed by software alone, Google boffins conclude
2019-02-18 07:05

While browsers have got their act together, any other apps interpreting user-supplied code need to be aware of this Google security researchers have analyzed the impact of the data-leaking Spectre...

Boffin suggests taking the ostrich approach for Spectre-Meltdown-grade processor flaws, other security holes: Don't say anything public – zip it
2019-02-04 22:36

Prof asks: What good comes from letting everyone know a vulnerability exists? A computer engineering professor has an interesting idea for how to handle the public disclosure of serious...

Boffin suggests Trappist monk approach for Spectre-Meltdown-grade processor flaws, other security holes: Don't say anything public – zip it
2019-02-04 22:36

Prof asks: What good comes from letting everyone know a vulnerability exists? A computer engineering professor has an interesting idea for how to handle the public disclosure of serious...