Security News

The mitigations applied to exorcise Spectre, the family of data-leaking processor vulnerabilities, from computers hinders performance enough that disabling protection for the sake of speed may be preferable for some. "Before Spectre mitigations, those system calls hardly slowed down userspace execution at all."

Leveraging their close cooperation on 5G NR implementation in their wireless test solutions, the T&M specialists Rohde & Schwarz and VIAVI Solutions have successfully accomplished high-speed data throughput end-to-end test of 5G NR eMBB. By achieving 7.5 Gbps, the two companies herald the new age of high data throughput, showing that it is possible to validate very high data rate applications over a 5G network without performance compromises. The setup is based on the R&S CMX500 wideband radio communication tester by Rohde & Schwarz and the TM500 network tester for user equipment emulation by VIAVI. In the demo, the instruments simulate a standalone 5G cellular network with 8x downlink carrier aggregation in NR dual connectivity using 1xCC in FR1 and 7xCC in FR2 with a modulation scheme of 256QAM on all carriers.

Social media was abuzz tonight after thousands of HBO Max subscribers received strange emails titled "Integration Test Email #1," which was ultimately blamed on a HBO Max intern. As a test email going out to all HBO Max subscribers wasn't bad enough, HBO Max's Twitter account blamed an intern for the mistakenly sent email blast.

Social media was abuzz tonight after thousands of HBO Max subscribers received strange emails titled "Integration Test Email #1," which was ultimately blamed on a HBO Max intern. As a test email going out to all HBO Max subscribers wasn't bad enough, HBO Max's Twitter account blamed an intern for the mistakenly sent email blast.

VIAVI Solutions unveiled TMLite, a streamlined version of its flagship TM500 Network Tester in use with virtually every wireless base station manufacturer around the globe. By delivering features, software environment and user experience consistent with TM500 on a commercial off-the-shelf server, this new solution enables vendors to increase engineering productivity and rapidly identify software errors by deploying focused functional test tools earlier in the development cycle.

As more and more networks are implementing Resource Public Key Infrastructure validation and signing of their BGP routes-to protect themselves against route hijacks and leaks, what should happen in case the critical RPKI goes down? ARIN plans on performing unannounced maintenance of its RPKI, sometime in July, for about thirty minutes to check if networks are adhering to BGP best practices.

Researchers from infosec biz Pen Test Partners established a persistent shell on an in-flight entertainment system from a Boeing 747 airliner after exploiting a vulnerability dating back to 1999. "With every directory traversal attack the target program is required to be on the same drive as the webserver. In our case we needed the system32 folder to be on the same drive as the IIS install." This was apparently easy enough in the lab but it was not spelled out in the blog post as to whether this was how the NT4 IFE system was configured aboard the 747.

Microsoft has released SimuLand, an open-source lab environment to help test and improve Microsoft 365 Defender, Azure Defender, and Azure Sentinel defenses against real attack scenarios. SimuLand test labs "Provide use cases from a variety of data sources including telemetry from Microsoft 365 Defender security products, Azure Defender, and other integrated data sources through Azure Sentinel data connectors," MSTIC Threat Researcher Roberto Rodriguez said.

UK rail operator West Midlands Trains sent an email to 2,500 employees to thank them for hard work during COVID and promised a one-time bonus as a reward, but that lovely news turned out to be phishing training. The event may end up costing the UK train operating company as Cortes has demanded the company make good and provide the promised bonuses.

What can security leaders do to make sure they're prepared and hone their skills ahead of the next inevitable threat? Now, they can test themselves and their knowledge at a new website, The CISO Challenge. Launched by XDR provider Cynet, it aims to let information security leaders to test their cybersecurity mettle.