The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and...
9CVSS
9.1AI Score
0.005EPSS
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka...
9CVSS
9.1AI Score
0.004EPSS
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka...
9CVSS
9.1AI Score
0.004EPSS
The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and...
9CVSS
9.1AI Score
0.005EPSS
The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and...
9CVSS
9.2AI Score
0.005EPSS
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and...
9CVSS
9.1AI Score
0.004EPSS
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege...
9CVSS
9.1AI Score
0.004EPSS
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and...
9CVSS
9.2AI Score
0.004EPSS
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka...
9CVSS
9.1AI Score
0.004EPSS
The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and...
9CVSS
9AI Score
0.004EPSS
The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and...
9CVSS
9.1AI Score
0.004EPSS
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka...
9.2AI Score
0.004EPSS
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege...
9.2AI Score
0.004EPSS
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and...
9.2AI Score
0.004EPSS
The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and...
9.2AI Score
0.004EPSS
The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and...
9.2AI Score
0.005EPSS
AMD Acknowledges Vulnerabilities, Will Roll Out Patches In Coming Week
AMD on Tuesday acknowledged several vulnerabilities that had been previously reported in its Ryzen and EPYC chips, and said that it would roll out firmware patches for those flaws in the coming weeks. The response comes a week after Israel-based CTS-Labs said that it has discovered 13 critical...
-0.3AI Score
15-Year-old Finds Flaw in Ledger Crypto Wallet
A 15-year-old security researcher has discovered a serious flaw in cryptocurrency hardware wallets made by Ledger, a French company whose popular products are designed to physically safeguard public and private keys used to receive or spend the user’s cryptocurrencies. Ledger's Nano-S...
7AI Score
Israeli Security Attacks AMD by Publishing Zero-Day Exploits
Last week, the Israeli security company CTS Labs published a series of exploits against AMD chips. The publication came with the flashy website, detailed whitepaper, cool vulnerability names -- RYZENFALL, MASTERKEY, FALLOUT, and CHIMERA -- and logos we've come to expect from these sorts of things.....
6.8AI Score
Intel Details CPU ‘Virtual Fences’ Fix As Safeguard Against Spectre, Meltdown Flaws
Intel introduced hardware-based protections to its new chips to protect against the Spectre and Meltdown flaws that rocked the silicon industry when the vulnerabilities were made public in early 2018. Spectre and Meltdown, which account for three variants of a side-channel analysis security issue.....
2.2AI Score
0.974EPSS
Hyperbole Swirls Around AMD Processor Security Threat
Maybe it was the exaggerated threats against AMD’s business or the semi-unprofessional way the threats were brought to light but no matter — security start-up CTS-Labs claims of security holes in the chipmaker’s Ryzen and Epic processor lines are now being lambasted across the security community......
-0.5AI Score
AMD Investigating Reports of 13 Critical Vulnerabilities Found in Ryzen, EPYC Chips
Researchers on Tuesday said they found several critical security vulnerabilities in various AMD chips, allegedly opening them up to attackers who want to steal sensitive data and install malware on AMD servers, workstations and laptops. Israel-based CTS-Labs said that it has discovered 13 critical....
0.8AI Score
This Week in Security News: Trends and Tea Parties
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the U.S. official in charge of election security was replaced, Trend Micro hosted a tea party in rural Taiwan, and a new cryptocurrency minor....
-0.1AI Score
0.972EPSS
Intel Releases Updated Spectre Fixes For Broadwell and Haswell Chips
Intel has issued updated microcode to help safeguard its Broadwell and Haswell chips from the Spectre Variant 2 security exploits. According to Intel documents, an array of its older processors, including the Broadwell Xeon E3, Broadwell U/Y, Haswell H,S and Haswell Xeon E3 platforms, have now...
2.4AI Score
Intel Issues Updated Spectre Firmware Fixes For Newer Processors
Intel has issued updated microcode to help protect its newer processors from Spectre security exploits. The Santa Clara, Calif.-based company’s new microcode updates – which impact its newer chip platforms, such as Kaby Lake, Coffee Lake, and Skylake – have been released to OEM customers and...
1.1AI Score
Security update for the Linux Kernel (important)
The SUSE Linux Enterprise 12 SP2 Realtime kernel was updated to 4.4.114 to receive various security and bugfixes. The following security bugs were fixed: CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized ...
8.4AI Score
0.975EPSS
Hackers Hit the Olympics, While Patch Tuesday and Meltdown / Spectre Keep IT Departments On Edge
This week offered a representative sampling of different corners of the cyber security world: The monthly Patch Tuesday, a brazen attack against the Olympics, new Meltdown and Spectre concerns, and a boost for Intel’s bug bounty program. Oh, and the gargantuan Equifax data breach may have been...
7.3AI Score
0.976EPSS
Intel Expands Bug Bounty Program Post-Spectre and Meltdown
In the wake of the Spectre and Meltdown bugs, Intel has rolled out a significant expansion of its bug bounty program. Intel first launched the program in March 2017. The big changes include a shift from an invitation-only format to one that is open to all security researchers. One key addition is.....
1.1AI Score
openSUSE Security Update : the Linux Kernel (openSUSE-2018-153) (Spectre)
The openSUSE Leap 42.3 kernel was updated to 4.4.114 to receive various security and bugfixes. The following security bugs were fixed : CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of...
9.8CVSS
8.8AI Score
0.975EPSS
Security update for the Linux Kernel (important)
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.114 to receive various security and bugfixes. The following security bugs were fixed: CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized ...
8.5AI Score
0.975EPSS
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.114 to receive various security and bugfixes. The following security bugs were fixed: CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of...
8.7AI Score
0.975EPSS
Lenovo Warns Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models
Lenovo warned customers on Friday that two critical Broadcom vulnerabilities impacts 25 models of its popular ThinkPad brand. The vulnerabilities were first revealed in September and originally they were only reported to impact specific Broadcom chipsets used in Apple iPhones, Apple TV and Android....
1.1AI Score
0.008EPSS
Intel Releases New Spectre Patch Update for Skylake Processors
After leaving million of devices at risk of hacking and then rolling out broken patches, Intel has now released a new batch of security patches only for its Skylake processors to address one of the Spectre vulnerabilities (Variant 2). For those unaware, Spectre (Variant 1, Variant 2) and...
6.9AI Score
Security update for the Linux Kernel (important)
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.114 to receive various security and bugfixes. The following security bugs were fixed: CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized ...
8.6AI Score
0.975EPSS
Samsung is working on producing cryptocurrency mining chips
By Uzair Amir Samsung cryptocurrency mining chips called application-specific integrated circuits (ASICs) will This is a post from HackRead.com Read the original post: Samsung is working on producing cryptocurrency mining...
7AI Score
The Effects of the Spectre and Meltdown Vulnerabilities
On January 3, the world learned about a series of major security vulnerabilities in modern microprocessors. Called Spectre and Meltdown, these vulnerabilities were discovered by several different researchers last summer, disclosed to the microprocessors' manufacturers, and patched -- at least to.....
7.3AI Score
Remote Code Execution on the Smiths Medical Medfusion 4000
Remote Code Execution on the Smiths Medical Medfusion 4000 In which we detail the process of vulnerability research on a life critical embedded system: a medical infusion pump. Table of Contents Remote Code Execution on the Smiths Medical Medfusion 4000 Table of Contents Summary Introduction Why...
9.5AI Score
0.327EPSS
EU Antitrust Regulators Fine Qualcomm $1.2 Billion Over Apple Deal
The antitrust fine has hit Qualcomm badly. The European Commission has levied a fine of €997 Million, approximately $1.2 Billion, against U.S. chipmaker Qualcomm Inc. for violating antitrust laws in a series of deals with Apple by "abusing its market dominance in LTE baseband chipsets." ...
6.7AI Score
Intel Says Firmware Fixes for Spectre and Meltdown Affecting Newer Chips
Intel’s efforts to issue fixes for the Spectre and Meltdown CPU vulnerabilities are still hitting some bumps in the road, a company executive said in a blog post. “We have now issued firmware updates for 90 percent of Intel CPUs introduced in the past five years, but we have more work to do,” said....
AI Score
Meltdown / Spectre Mitigation Is a Work in Progress
Since researchers disclosed the Meltdown and Spectre vulnerabilities on Jan. 3, vendors and IT departments have been consumed trying to figure out how to properly address the potentially devastating effects of these kernel-level bugs. By now, one thing we know for sure is that dealing with the...
7AI Score
This Week in Security News: Meltdowns and Hijacks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, we saw discussions on the vulnerabilities of chat bots and AI programs, and the types of software that may not be safe from malware and...
6.8AI Score
Meltdown and Spectre fallout: patching problems persist
Last week, the disclosure by multiple teams from Graz and Pennsylvania University, Rambus, Data61, Cyberus Technology, and Google Project Zero of vulnerabilities under the aliases Meltdown and Spectre rocked the security world, sending vendors scurrying to create patches, if at all possible, and...
5.6CVSS
6.9AI Score
0.976EPSS
Microsoft’s Jan. 2018 Patch Tuesday Lowdown
Microsoft on Tuesday released 14 security updates, including fixes for the Spectre and Meltdown flaws detailed last week, as well as a zero-day vulnerability in Microsoft Office that is being exploited in the wild. Separately, Adobe pushed a security update to its Flash Player software. Last...
7.8CVSS
8.2AI Score
0.971EPSS
Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems
Last week the technology industry and many of our customers learned of new vulnerabilities in the hardware chips that power phones, PCs and servers. We (and others in the industry) had learned of this vulnerability under nondisclosure agreement several months ago and immediately began developing...
7.2AI Score
Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems
Last week the technology industry and many of our customers learned of new vulnerabilities in the hardware chips that power phones, PCs and servers. We (and others in the industry) had learned of this vulnerability under nondisclosure agreement several months ago and immediately began developing...
7.2AI Score
The Spectre of Chips on Meltdown
The news is rife with emerging details of Intel and other chip vulnerabilities and the hardware bugs that can potentially exploit them. While details are still developing and will likely continue to be uncovered in the days, weeks, and even months ahead, we will explore what is known to...
2.3AI Score
January 5, 2017 – Morning Cyber Coffee Headlines – “Monopoly” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee (or tea) and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! January 5, 2018 - Headlines Carbon Black in the News: Cybersecurity news...
6.7AI Score
[Guide] How to Protect Your Devices Against Meltdown and Spectre Attacks
Recently uncovered two huge processor vulnerabilities called Meltdown and Spectre have taken the whole world by storm, while vendors are rushing out to patch the vulnerabilities in its products. The issues apply to all modern processors and affect nearly all operating systems (Windows, Linux,...
6.4AI Score
0.976EPSS
Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts
Intel, Amazon, Microsoft and others are playing down concerns over the impact of the massive Spectre and Meltdown vulnerabilities affecting computers, servers and mobile devices worldwide. The two flaws, Spectre and Meltdown, are far reaching and impact a wide range of microprocessors used in the.....
0.6AI Score
0.976EPSS
After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there. These are side-channel attacks where one process can spy on other processes. They affect computers where an untrusted browser window can execute...
7.4AI Score