Native Spectre v2 exploit puts Intel systems running Linux at risk
It's been some time since we discussed the initial Spectre security flaw that impacted numerous CPUs, and which was subsequently followed by the Spectre v2 vulnerability. Now there are new concerns following the discovery of the first native Spectre v2 exploit against the Linux kernel.
Researchers from the Systems and Network Security Group at Vrije Universiteit Amsterdam (VUSec) have demonstrated that Intel CPUs running Linux are vulnerable to Native Branch History Injection (BHI). VUSec says its InSpectre Gadget tool can be used to "not only uncover new (unconventionally) exploitable gadgets in the Linux kernel, but that those gadgets are sufficient to bypass all deployed Intel mitigations".
Microsoft releases Windows 11 Moment 5 and fixes scores of vulnerabilities with KB5036893 update
Windows 11 Moment 5 is now available to everyone. Microsoft has released the KB5036893 update as part of its monthly update schedule, bringing the new Moment 5 features to all users, not just Windows Insiders.
As well as updating Snap Layouts and Copilot, KB5036893 also includes changes to widgets and injects AI features into Photos and Clipchamp. There are also fixes for a huge number of security issues.
Security vendor consolidation or best of breed? Why you must do both
Trends in cybersecurity (like many areas of technology and life) tend to make pendulum-like swings over time. One such shifting debate is around security tool philosophy: is it best to use an array of best-in-class tools or consolidate to a single, “do it all” security platform?
I argue that it is essential to planfully and strategically implement a hybrid approach. By combining some best-of-class tools with integrated platforms, you can eliminate the chaos of countless single tools and embrace the advanced benefits of today’s platforms, while still having some high-value, niche solutions to provide the necessary layers of protection for the security armor. It’s important to avoid dependence on a single vendor to also avoid implementing that vendor’s weaknesses/blind spots across the enterprise; yet these solutions offer many advantages.
Shielding the lifelines: Protecting energy and infrastructure from cyber threats
The energy and infrastructure sectors serve as the backbone of global stability and economic health, underpinning nearly all facets of modern society. As such, the integrity and reliability of these systems are paramount, and failure to maintain their uptime could lead to unprecedented disruptions in daily life. This reality underscores the pressing need to safeguard these sectors from evolving cybersecurity threats.
However, the very importance of energy and infrastructure makes them prime targets for cybercriminals. The surge in sophisticated email-based attacks, such as business email compromise (BEC) and vendor email compromise (VEC), poses a significant risk. These cyber tactics, often characterized by deceptive social engineering and the absence of traditional threat indicators, allow attackers to bypass conventional security measures easily. Understanding these attacks is the first step towards developing robust defenses against them.
Microsoft is great, but not enough for email security
Microsoft 365 is the default software in SMEs, and understandably so. The software offers a comprehensive set of productivity tools; flexible, scalable, and affordable licensing options; and compliance and security capabilities. However, given the ever-growing and persistent threat of cyberattacks, the standard security safeguards it offers for email are insufficient.
Analysis of over 1 billion emails worldwide shows that emails are the preferred vehicle of cybercriminals. Email-delivered malware remains a favorite, increasing by 276 percent between January and December of last year. Additionally, attachments are growing as a threat. In Q4 of 2023, EML attachments increased 10-fold. Criminals are sending malicious payloads via EML files because they get overlooked when attached to the actual phishing email, which comes out clean.
Microsoft is deprecating 1024-bit RSA certificate support in Windows 10 and Windows 11 to boost security
Microsoft has quietly announced plans to deprecate TLS server authentication certificates using RSA keys with key lengths shorter than 2048 bits.
The change means that it will not be possible to use 1024-bit keys, although Microsoft is yet to reveal exactly when the changeover will start. This is important information for companies using aging hardware and software as it will mean weaker keys can no longer be used for authentication.
Immutability: A boost to your security backup
As the volume of data continues to increase and the threat landscape continues to evolve, it is increasingly important for organizations to protect backup data from unwanted deletion. Threats today can take the form of a malicious insider deleting backup data or a targeted cyberattack on the backups themselves. Modern ransomware attacks often first seek out and destroy backups before moving on to encrypting production data. However, companies will benefit from implementing immutability, the act of making data writable but noneditable for a defined period of time, as part of their data protection arsenal to help avoid or recover from a loss of production data situation.
The rise in cyber incidents, which according to the Veeam Data Protection Trends Report 2023 are the leading cause of outages over the past three years, is bringing the need for immutability to the fore, particularly as most organizations reported having fallen victim to cyber incidents, on average, twice a year.
Microsoft releases KB5035845 update for Windows 10, with security fixes, new Windows share features and more
Windows 10 users have a new security update to install in the form of the KB5035845 update. In addition to addressing a number of security issues, this mandatory update also kills the Windows Backup app for many people and introduces various other changes.
Among the most interesting additions to be found in the KB5035845 update are improvements to Windows share. There are also fixes for various issues in Windows 10 including Windows Hello problems.
Microsoft releases KB5035853 security update for Windows 11 fixing 0x800F0922 error and more
Microsoft has released a new security update for Windows 11. KB5035853 is a mandatory update which not only addresses security issues, but also introduces changes to make Windows 11 compliant with new DMA legislation in Europe.
On top of this, the update fixes the 0x800F0922 error which many people started to experience back in February. The KB5035853 update also features various other changes and additions such as the arrival of support for the USB 80Gbps standard.
Meta adds a new label to show whether third-party WhatsApp chats are secure
New rules in Europe mean that WhatsApp will have to offer interoperability with other messaging apps and platforms. This is something that Meta has already been talking about, having published its preference for third parties to use the Signal Protocol as the foundation for these E2EE communications.
Use of the Signal Protocol will not be a requirement for interoperability, but whatever protocol a third-party messaging app or platform uses, it will need to show that it offers "the same security guarantees as Signal". To communicate security to users, WhatsApp is introducing a new "end-to-end encrypted" label that will be added to secure chats.
Microsoft quietly extends the availability of Windows 11 22H2 updates
To little fanfare, Microsoft has announced that anyone choosing to stick with Windows 11 22H2 will be able to install optional updates for longer than previously planned.
Despite having started to forcibly upgrade some Windows 11 22H2 systems to Windows 11 23H2, Microsoft has had a change of heart about how it will handle updates for the older version of the operating system moving forward. The company had previously said that non-security updates would not be available after this month, but there's a new extended deadline in place now.
Ransomware resurgence: Tackling the new generation of cyber threats
Sadly, there has never been a better phrase than ‘survival of the fittest’ to describe cyber criminal groups. They are constantly refining their tactics to cause greater disruption and earn even bigger profits. The ransomware ecosystem is a resilient and lucrative business model, and attacks are causing huge pain for organizations.
Just look at the recent attack on the British Library. The attack rendered the British Library’s website inoperative, and it’s been reported the institution may have to spend £7 million to recover. The Rhysida group, who were responsible for the attack, disseminated hundreds of thousands of confidential documents on the internet, encompassing both customer and employee information.
Authy desktop apps for Windows, macOS, and Linux reach end-of-life: Here's what you need to know
There is some shocking and sad news that will impact Authy users globally. You see, Twilio has announced the end-of-life for its desktop applications on Windows, macOS, and Linux platforms, slated for March 19, 2024. This move highlights a change in the company's strategy, emphasizing the transition towards mobile-centric security solutions.
Authy has been a staple for users seeking an extra layer of security beyond traditional passwords. The desktop applications have provided a convenient way for users to manage their authentication tokens directly from their computers. However, with the upcoming discontinuation, Authy is urging its user base to migrate to its mobile applications.
Breaking BitLocker: Watch Microsoft's Windows disk encryption being bypassed in just 43 seconds
Microsoft BitLocker is a full-disk encryption feature included in certain editions of Windows operating systems, designed to enhance the security of data stored on a computer or external drives. It serves as a crucial component of Microsoft's broader approach to data protection and aims to safeguard sensitive information against unauthorized access, particularly in scenarios where devices might be lost, stolen, or otherwise fall into the wrong hands.
BitLocker operates by encrypting the entire contents of a disk drive, including the operating system, system files, and user data. It uses a symmetric encryption algorithm, typically AES (Advanced Encryption Standard), to secure the data. To access the encrypted information, a user must provide a pre-boot authentication password or use additional authentication methods, such as a PIN or a USB key.
Quantum computing: The data security conundrum
One of the biggest challenges of digital technology today is around security systems and data. In response to this, sophisticated algorithms have been designed to encrypt data and protect it through frameworks known as symmetric cryptography. While this has proven successful, advancements in quantum computing -- which utilizes quantum mechanics to solve complex problems faster than conventional computers -- could potentially turn data security on its head.
IBM, Microsoft and Google have already turned their attention to quantum computing and, as a result, commercially viable quantum computers are not too far from becoming a reality. In fact the global quantum computing market size in terms of revenue was estimated to be USD 866 Million in 2023 and is poised to reach USD 4,375 Million by 2028, growing at a CAGR of 38.3 percent from 2023 to 2028. This is raising concerns that these computers might pose a threat to current public-key cryptography algorithms and potentially expose sensitive data. As such, data security needs to be a step ahead, with more advanced cryptographic algorithms that minimise potential risks and ensure the safeguarding of data in a quantum computing world.
© 1998-2024 BetaNews, Inc. All Rights Reserved.