Google knew about Spectre and Meltdown processor bugs last year, so its products are (mostly) protected
Perhaps most surprising is the fact that Google -- via Project Zero -- was aware of the problem in June of 2017. The company even went as far as informing Intel, AMD and ARM about the issue. But for Google customers, the good news is that the early detection of the security flaw means that Google Cloud, G Suite and Chrome users are fairly safe.
News of an enormous security bug affecting millions of processors can't have escaped your attention over the last 24 hours or so. While Intel goes into a panicked meltdown, desperately pointing out that there's another bug affecting other processors too, software fixes are starting to emerge.
macOS has already been patched, and fixes have started to roll out to numerous Linux distros as well. Now Microsoft has pushed out a rare, off-schedule emergency fix for Windows 10 users which should be automatically installed. Users of Windows 7 and Windows 8 will have to wait until next week for a patch.
Earlier today, we reported on some shocking news -- there is a serious vulnerability that affects Intel processors. To make matters worse, patching that vulnerability -- now known as "Meltdown" -- would cause an up-to 30 percent performance degradation. Yikes!
If you have an AMD processor, you are safe, right? Yes, but not really. You see, yet another vulnerability has been revealed that impacts all modern processors, such as those from Intel, AMD, and yeah, even ARM chips. This vulnerability is called "Spectre," and it has the potential to put the entire technology industry into a tailspin. Seriously, folks, this is very bad -- it is like the computing apocalypse. What's the worst that could happen? Well, your data and passwords could leak and you are almost powerless to stop it.
We're used to digital assistants controlling more and more aspects of our daily lives, but a UK police force is looking at how Amazon Echo could help in fighting crime.
Police in Lancashire, north west England, are looking at how Alexa could relay information about missing persons or updates on local crime to citizens. It could also be used in the reporting of minor offenses, freeing up police call centers to deal with more serious issues.
A design flaw has been discovered in Intel chips that will require major changes to be made to the Windows and Linux kernels. While patches are being worked on -- and in the case of Windows Insiders, have already rolled out -- users of both operating systems can expect to experience something of a performance hit. macOS machines running on Intel chips are also affected.
Intel is -- for the moment -- remaining tight-lipped about the specifics of the flaw that has been unearthed, but it is believed to affect processors produced in the past decade. Developers are currently estimating that systems could experience slow downs of between 5 and 30 percent.
Advertisers are keen for their ads to be seen, that goes without saying. But it's more important to be seen by the right people, hence the explosion in targeted advertising. Social media is a great way to gather massive amounts of data about people and deliver ads accordingly, but some mobile games take things further.
There's no denying the massive popularity of Kodi, and the streaming media center has become infamous as well as famous. While the negative press concerning the software tends to focus on the potential for piracy, there's also the question of privacy and security.
Kodi includes -- as does the likes of Plex -- a remote access feature. While wonderfully useful for when you're away from home, it also poses a security risk and represents a serious privacy concern if not correctly configured.
Apple has a tendency to pride itself on security, but a researcher has released details of a macOS vulnerability that allows for complete system control by an unprivileged user.
A self-described "hobbyist hacker," Siguza, has published details of the exploit which is thought to have existed, undetected and unpatched for at least a decade. As well as details of the security flaw, Suguza has also published proof-of-concept code for the IOHIDeous vulnerability on GitHub.
In a cautionary tale for the festive season, unorthodox security guru John McAfee claims to have had his Twitter account hacked.
The account sent out a number of 'coin of the day' Tweets on December 27th encouraging followers to buy some lesser known crypto currencies. Nothing especially strange in that as McAfee has himself sent this type of message in the past.
The name Edward Snowden will always be associated with the NSA, but the man has fingers in many other pies. His latest venture is an app called Haven which can turn a smartphone into a security device that keeps an eye on your possessions.
Haven is an Android app, currently in beta, designed to be installed on an "extra" phone that you wouldn't mind losing. Placed with your belongings, it uses a phone's sensors -- microphone, camera, gyroscope, accelerometer, and so on -- to detect and record theft and tampering.
The biggest threat facing cybersecurity is not advanced attackers or evolving technology. It is the lack of people able to defend networks.
Cybersecurity experts predict that by 2021 there will be 3.5 million unfilled cybersecurity jobs. That number is up from one million in 2016. The reasons behind this global issue are complicated, but many of them stem from the overarching issue of security burnout and the difficulty of new individuals entering the cybersecurity workforce to reduce the overall workload.
It's the time of year when industry experts like to dust off their crystal balls, examine the pattern of tea leaves in the bottom of their cups and try to predict what the coming year is going to hold.
As far as security is concerned most commentators think we can expect the increase in numbers and sophistication of attacks we've seen in 2017 to continue, but there are some new things to worry about too.
Cybersecurity experts are in agreement: enterprises simply cannot afford to skip investing in protections that safeguard their networks, systems and data. But with budgets straining, even as attacks are more prolific and powerful than ever, they need security that doesn’t break the bank. Fortunately, there several steps enterprises can take to cost-effectively bolster their cybersecurity.
In 2017, there were plenty of high-profile attacks to put people on edge. It’s been reported that there have been millions of records stolen using ransoms and extortion attempts. Who can forget WannaCry, the massive cyberattack in mid-May that spread around the world in days, crippling businesses in 150 countries by hijacking more than 230,000 computers, locking up data and demanding money to set them free? The attack used ransomware, a type of malware that encrypts data until you pay a ransom. Then there were other ransomware attacks like Petya and NotPetya. And of course, there’s always the steady drumbeat of viruses and distributed denial of service (DDoS) attacks.