At the DEF CON 26 security conference held in Las Vegas last week, a security researcher detailed a backdoor mechanism in x86-based VIA C3 processors, a CPU family produced and sold between 2001 and 2003 by Taiwan-based VIA Technologies Inc.
Academics from the University of California, Riverside (UCR) have published details last week about a new Spectre-class attack that they call SpectreRSB.
Apple acknowledged on Friday that some MacBook and MacBook Pro laptops have faulty keyboards and has offered free service to all affected customers.
Security researchers have uncovered vulnerabilities affecting the firmware of Supermicro server products. Discovered by the Eclypsium team, these vulnerabilities affect both older and newer models of Supermicro products, but the vendor is working on addressing the issues.
Four researchers from the Fraunhofer Institute for Applied and Integrated Safety in Munich, Germany have published a research paper this week detailing a method of recovering data that is normally encrypted by AMD's Secure Encrypted Virtualization (SEV), a safety mechanism designed to encrypt the data of virtual machines running on s
Security researchers from Eclypsium have detailed yesterday a new variation of the Spectre attack that can recover data stored inside a secure CPU area named the System Management Mode (SMM).
Yesterday, at the RSA 2018 security conference, Microsoft announced a new security-focused product named Azure Sphere. According to Microsoft chief financial officer Brad Smith, Microsoft created Azure Sphere for the sole purpose of securing Internet of Things (IoT) devices.
AMD has released CPU microcode updates for processors affected by the Spectre variant 2 (CVE-2017-5715) vulnerability. The company has forwarded these microcode updates to PC and motherboard makers to include them in BIOS updates.
A team of academics from four US universities have discovered a new side-channel attack that takes advantage of the speculative execution feature in modern processors to recover data from users' CPUs.
The Linux Foundation announced a new project called ACRN (pronounced "acorn") that will provide generic code for the creation of hypervisors for IoT devices.
A third-party company that was paid to review the validity of the recent AMD flaws —RyzenFall, MasterKey, Fallout, and Chimera— has confirmed that these vulnerabilities are real, but that regular users shouldn't panic for the time being.
Intel announced today that upcoming CPU models would include brand new hardware-level protections to prevent any future Meltdown and Spectre-like vulnerabilities.
Ilia Luk-Zilberman, the Chief Technical Officer (CTO) of CTS Labs, the company behind yesterday's disclosure of 13 vulnerabilities affecting AMD processors, has published an open letter today, explaining his company's controversial actions that managed to enrage almost the entire tech and security research communities.
AMD is investigating a report published today by an Israeli security firm disclosing the presence of 13 security flaws affecting AMD Ryzen and EPYC processors.
Researchers from the Ben-Gurion University of the Negev in Israel have identified 29 ways in which attackers could use USB devices to compromise users' computers.
A new variation of the Spectre attack has been revealed this week by six scientists from the Ohio State University. Named SgxSpectre, researchers say this attack can extract information from Intel SGX enclaves.
In a press release on Tuesday, Intel announced it resumed the deployment of CPU microcode firmware updates. These updates are meant to mitigate the Spectre Variant 2 vulnerability —CVE-2017-5715.
Lenovo announced yesterday plans to recall tens of thousands of ThinkPad X1 Carbon 5th Generation laptops due to a loose screw that may cause the laptop's battery to catch fire.
Intel said today it is investigating an issue with Broadwell and Haswell CPUs after customers reported higher system reboot rates when they installed firmware updates for fixing the Spectre flaw.
AMD officially admitted today that its processors are not vulnerable to the Meltdown bug, but are affected by both variants of the Spectre flaw.