One Article Review
| Source |  SecurityWeek |
|---|---|
| Identifiant | 532570 |
| Date de publication | 2018-03-21 01:24:01 (vue: 2018-03-21 01:24:01) |
| Titre | AMD Says Patches Coming Soon for Chip Vulnerabilities (Recyclage) |
| Texte | AMD Chip Vulnerabilities to be Addressed Through BIOS Updates - No Performance Impact Expected
After investigating recent claims from a security firm that its processors are affected by more than a dozen serious vulnerabilities, chipmaker Advanced Micro Devices (AMD) on Tuesday said patches are coming to address several security flaws in its chips.
In its first public update after the surprise disclosure of the vulnerabilities by Israeli-based security firm CTS Labs, AMD said the issues are associated with the firmware managing the embedded security control processor in some of its products (AMD Secure Processor) and the chipset used in some socket AM4 and socket TR4 desktop platforms supporting AMD processors.
CTS Labs, which was unheard of until last week, came under fire shortly after its disclosure for giving AMD only a 24-hour notice before going public with its findings, and for apparently attempting to short AMD stock. The company later made some clarifications regarding the flaws and its disclosure method.
CTS Labs claimed that a number of vulnerabilities could be exploited for arbitrary code execution, bypassing security features, stealing data, helping malware become resilient against security products, and damaging hardware.
“AMD has rapidly completed its assessment and is in the process of developing and staging the deployment of mitigations,” the chipmaker wrote in an update on Tuesday. “It's important to note that all the issues raised in the research require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings.”
AMD said that patches will be released through BIOS updates to address the flaws, which have been dubbed MASTERKEY, RYZENFALL, FALLOUT and CHIMERA. The company said that no performance impact is expected for any of the forthcoming mitigations.
AMD attempte |
| Envoyé | Oui |
| Condensat | $24 $26 $300 2018 acquire alto amd analyzing april around backed bay been business charged chip cia cio ciso closely cloud columns coming conference conferences cyber cybersecurity direction director document editorial enterprise equifax evident expand firm forum fundingpalo getelementsbytagname half has his hunting ics industry insertbefore insider landscape leading lennon lennon:amd links mike million millionformer monitoring moon more national networks news oct oversees parentnode patches previous publication raises register role says script security securityweek series several singapore soon space sponsored tags: than threat tradingbugcrowd trends tweet usa var vulnerabilities vulnerabilitiesvirsec vulnerability world years |
| Tags | Guideline |
| Stories | Equifax |
| Notes | |
| Move | 
|
Les reprises de l'article (1):
| Source | SecurityWeek |
|---|---|
| Identifiant | 532255 |
| Date de publication | 2018-03-20 20:26:04 (vue: 2018-03-20 20:26:04) |
| Titre | Virsec Raises $24 Million in Series B Funding |
| Texte | Virsec, a cybersecurity company that protects applications from various attacks, today announced that it has closed a $24 million Series B funding round led by tech investment firm BlueIO.
This latest funding round brings the total amount raised to-date by the company to $32 million. The company previously raised $1 million in seed funding and $7 million in a Series A funding round.
Virsec explains that its technology can protect applications by protecting processes in memory and pinpointing attacks in real-time, within any application. In more detail, the company explains that its Trusted Execution technology “maps acceptable application execution, and instantly detects deviations caused by attacks.”
“The battleground has shifted in cybersecurity and the industry is not keeping up,” said Atiq Raza, CEO of San Jose, California-based Virsec. “With our deep understanding of process memory, control flow, and application context, we have developed a revolutionary solution that stops attacks in their tracks, where businesses are most vulnerable – within applications and processes.”
Additional investors participating in the round include Artiman Ventures, Amity Ventures, Raj Singh, and Boston Seed Capital.
|
| Envoyé | Oui |
| Condensat | $24 $26 $300 $32 $350 2018 acceptable acquire additional alto amity amount analyzing announced any application applications april are around artiman async atiq attacks backed based battleground bay been blueio boston brings businesses businesssplunk california can capital caused ceo charged cia cio ciso closed closely cloud columns com/js/plusone company conference conferences context control createelement cyber cybersecurity date deep detail detects developed deviations direction director document editorial enterprise equifax evident execution expand explains firm flow forum from function funding fundingpalo getelementsbytagname google half has have his https://apis hunting ics include industry insertbefore insider instantly investment investors its jose keeping landscape latest leading led lennon lennon:virsec links management memory mike million millionformer monitoring moon more most national networks news not oct orchestration oversees parentnode participating phantom pinpointing previous previously process processes protect protecting protects publication raised raises raj raza real register revolutionary role round said san script security securityweek seed series several shifted singapore singh solution space sponsored src stops strategy tags: tech technology text/javascript than threat time today total tracks tradingbugcrowd trends true; trusted tweet type understanding usa var various ventures virsec vulnerability vulnerable where within world years “maps “the “with ” |
| Tags | Guideline |
| Stories | Equifax |
| Notes | |
| Move |
|
L'article ne semble pas avoir été repris sur un précédent.