Security researchers from Eclypsium have detailed yesterday a new variation of the Spectre attack that can recover data stored inside a secure CPU area named the System Management Mode (SMM).
Yesterday, at the RSA 2018 security conference, Microsoft announced a new security-focused product named Azure Sphere. According to Microsoft chief financial officer Brad Smith, Microsoft created Azure Sphere for the sole purpose of securing Internet of Things (IoT) devices.
AMD has released CPU microcode updates for processors affected by the Spectre variant 2 (CVE-2017-5715) vulnerability. The company has forwarded these microcode updates to PC and motherboard makers to include them in BIOS updates.
A team of academics from four US universities have discovered a new side-channel attack that takes advantage of the speculative execution feature in modern processors to recover data from users' CPUs.
The Linux Foundation announced a new project called ACRN (pronounced "acorn") that will provide generic code for the creation of hypervisors for IoT devices.
A third-party company that was paid to review the validity of the recent AMD flaws —RyzenFall, MasterKey, Fallout, and Chimera— has confirmed that these vulnerabilities are real, but that regular users shouldn't panic for the time being.
Intel announced today that upcoming CPU models would include brand new hardware-level protections to prevent any future Meltdown and Spectre-like vulnerabilities.
Ilia Luk-Zilberman, the Chief Technical Officer (CTO) of CTS Labs, the company behind yesterday's disclosure of 13 vulnerabilities affecting AMD processors, has published an open letter today, explaining his company's controversial actions that managed to enrage almost the entire tech and security research communities.
AMD is investigating a report published today by an Israeli security firm disclosing the presence of 13 security flaws affecting AMD Ryzen and EPYC processors.
Researchers from the Ben-Gurion University of the Negev in Israel have identified 29 ways in which attackers could use USB devices to compromise users' computers.
A new variation of the Spectre attack has been revealed this week by six scientists from the Ohio State University. Named SgxSpectre, researchers say this attack can extract information from Intel SGX enclaves.
In a press release on Tuesday, Intel announced it resumed the deployment of CPU microcode firmware updates. These updates are meant to mitigate the Spectre Variant 2 vulnerability —CVE-2017-5715.
Lenovo announced yesterday plans to recall tens of thousands of ThinkPad X1 Carbon 5th Generation laptops due to a loose screw that may cause the laptop's battery to catch fire.
Intel said today it is investigating an issue with Broadwell and Haswell CPUs after customers reported higher system reboot rates when they installed firmware updates for fixing the Spectre flaw.
AMD officially admitted today that its processors are not vulnerable to the Meltdown bug, but are affected by both variants of the Spectre flaw.
AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor.
HP announced today "a worldwide voluntary safety recall and replacement program" for laptop batteries it shipped with notebooks or sold as accessories or replacements between December 2015 and December 2017.
Intel pinky-promised today that it will provide firmware updates by the end of next week for 90% of all CPU models it released in the past five years.
Google has just published details on two vulnerabilities named Meltdown and Spectre that in the company's assessment affect "every processor [released] since 1995."
Intel released a statement earlier today denying media reports that upcoming patches for a yet-to-be-disclosed security bug cause huge performance dips for devices using Intel CPUs.