Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2018-05-22 16:24:00 |
New speculative-execution vulnerability strikes AMD, ARM, and Intel (lien direct) |
Fortunately, existing fixes should provide the protection we need. |
|
|
|
|
2018-05-17 18:46:04 |
As the Web moves toward HTTPS by default, Chrome will remove “secure” indicator (lien direct) |
The browser is changing to flag the things that are dangerous, not the ones that are safe. |
|
|
|
|
2018-04-18 15:12:05 |
Microsoft claims to make Chrome safer with new extension (lien direct) |
A purported Edge advantage is now available in Chrome. |
|
|
|
|
2018-04-17 03:00:01 |
Intel, Microsoft to use GPU to scan memory for malware (lien direct) |
The company is also using its processors' performance monitoring to detect malicious code. |
|
|
|
|
2018-04-11 16:32:05 |
AMD systems gain Spectre protection with latest Windows fixes (lien direct) |
Systems will still need updated firmware to get the latest microcode, however. |
|
|
|
|
2018-04-10 18:48:01 |
Practical passwordless authentication comes a step closer with WebAuthn (lien direct) |
Microsoft, Mozilla, and Google are all implementing the new standard. |
|
|
|
|
2018-04-04 17:35:00 |
Intel drops plans to develop Spectre microcode for ancient chips (lien direct) |
Company claims it's too hard, and few systems have exposure to attack. |
|
|
|
|
2018-04-03 20:56:00 |
Google bans cryptomining Chrome extensions because they refuse to play by the rules (lien direct) |
Google continues to try to keep its browser running smoothly in spite of others' efforts. |
|
|
|
|
2018-03-26 22:15:05 |
As predicted, more speculative execution processor attacks are discovered (lien direct) |
New attack focuses on a different part of the speculative execution system. |
|
|
|
|
2018-03-20 22:00:00 |
AMD promises firmware fixes for security processor bugs (lien direct) |
All bugs require administrative access to exploit. |
|
|
|
|
2018-03-15 18:00:01 |
Intel outlines plans for Meltdown and Spectre fixes, microcode for older chips (lien direct) |
Microcodes for Sandy Bridge and newer are now available. |
|
|
|
|
2018-03-13 20:35:01 |
Patch Tuesday drops the mandatory antivirus requirement after all (lien direct) |
Today's patches also include an annoying-looking remote code execution bug. |
|
|
|
|
2018-03-01 18:14:04 |
Intel\'s latest set of Spectre microcode fixes is coming to a Windows update (lien direct) |
Windows users will no longer be beholden to their motherboard makers. |
|
|
|
|
2018-02-21 19:03:03 |
Intel ships (hopefully stable) microcode for Skylake, Kaby Lake, Coffee Lake (lien direct) |
All 6th, 7th, and 8th generation Core processors now have microcode available. |
|
|
|
|
2018-02-16 20:42:05 |
32 lawsuits filed against Intel over Spectre and Meltdown flaws (lien direct) |
Company also accused of failing to act in response to insider trading. |
|
|
|
|
2018-02-12 17:19:01 |
Windows Defender Advanced Threat Protection coming to Windows 7 and 8.1 (lien direct) |
A Windows 10 feature is coming to old platforms. |
|
|
|
|
2018-02-09 19:50:24 |
(Déjà vu) From July on, Chrome will brand plain old HTTP as “Not secure†(lien direct) |
The "Not secure" label will go where the padlock would go for an encrypted connection. |
|
|
|
|
2018-02-09 19:50:02 |
From July on, Chrome will brand plain old HTTP as “Not secure” (lien direct) |
The "Not secure" label will go where the padlock would go for an encrypted connection. |
|
|
|
|
2018-02-08 01:25:16 |
Intel releases new Spectre microcode update for Skylake; other chips remain in beta (lien direct) |
Previous microcode update was reported to cause unwanted system reboots. |
|
|
|
|
2018-01-29 17:08:04 |
New Windows patch disables Intel\'s bad Spectre microcode fix (lien direct) |
Registry keys can also be used to selectively enable or disable the microcode fix. |
|
|
|
|
2018-01-19 18:36:53 |
Malicious Chrome extension is next to impossible to manually remove (lien direct) |
Extensions remain the Achilles heel for an otherwise highly secure browser. |
|
|
|
|
2018-01-15 21:05:29 |
Spectre and Meltdown patches causing trouble as realistic attacks get closer (lien direct) |
Driver incompatibilities and microcode problems are both being reported. |
|
|
|
|
2018-01-11 21:30:10 |
Here\'s how, and why, the Spectre and Meltdown patches will hurt performance (lien direct) |
Now that microcode and patches are starting to ship, a clearer picture is emerging. |
|
|
|
|
2018-01-11 19:46:07 |
Skype finally getting end-to-end encryption (lien direct) |
It'll use the Signal protocol, also used in WhatsApp, Facebook Messenger, and others. |
|
|
|
|
2018-01-09 15:31:08 |
Bad docs and blue screens make Microsoft suspend Spectre patch for AMD machines (lien direct) |
Blue screen crashes on decade-old AMD chips seem to be widespread. |
|
|
|
|
2018-01-05 13:52:41 |
Meltdown and Spectre: Here\'s what Intel, Apple, Microsoft, others are doing about it (lien direct) |
Intel, Microsoft, ARM, and others have responded. We dig in. |
|
|
★★
|
|
2018-01-04 00:30:26 |
“Meltdown†and “Spectreâ€: Every modern processor has unfixable security flaws (lien direct) |
Immediate concern is for Intel chips, but everyone is at risk. |
|
|
|
|
2017-12-14 20:50:29 |
After backlash, animal shelter fires security robot, “effective immediately†(lien direct) |
San Francisco SPCA used Knightscope robot for a month to mitigate vandalism. |
|
|
|
|
2017-12-07 21:50:01 |
Chrome 63 offers even more protection from malicious sites, using even more memory (lien direct) |
Google gives Administrators new ways to lock down the browser. |
|
|
|
|
2017-11-17 21:24:54 |
How to fix a program without the source code? Patch the binary directly (lien direct) |
Microsoft abandons typical Patch Tuesday playbook to fix Equation Editor flaw. |
|
|
|
|
2017-11-14 14:00:56 |
Firefox\'s faster, slicker, slimmer Quantum edition now out (lien direct) |
It's as much as twice as fast as it was a year ago. |
|
|
|
|
2017-10-19 23:48:02 |
Facebook is struggling to meet the burden of securing itself, security chief says (lien direct) |
Chief Security Officer described security report as a “very painful process.†|
|
|
|
|
2017-09-21 17:55:37 |
If Bill Gates really thinks ctrl-alt-del was a mistake, he should have fixed it himself (lien direct) |
You can't pin the blame for this one on IBM. |
|
|
|
|
2017-09-21 00:26:46 |
Microsoft: Windows getting more stable, faster, and lasting longer on battery (lien direct) |
Even as Windows 10 users grow, support calls are declining. |
|
|
|
|
2017-09-14 19:03:26 |
Azure Confidential Computing will keep data secret, even from Microsoft (lien direct) |
Virtual machines and hardware features will provide secrecy. |
|
|
|
|
2017-09-14 15:28:15 |
Apple says Face ID didn\'t actually fail during its iPhone X event (lien direct) |
The iPhone maker says its new face unlocking tech worked as intended. |
|
|
|
|
2017-09-13 19:35:33 |
Kaspersky software banned from US government agencies (lien direct) |
Kaspersky: We have “never helped, nor will help, any government with cyberespionage.†|
|
|
|
|
2017-08-25 19:40:03 |
Leak of >1,700 valid passwords could make the IoT mess much worse (lien direct) |
List of unsecured devices lived in obscurity since June. Now, it's going mainstream. |
|
|
|
|
2017-08-18 12:27:29 |
Secret chips in replacement parts can completely hijack your phone\'s security (lien direct) |
Booby-trapped touchscreens can log passwords, install malicious apps, and more. |
|
|
|
|
2017-08-15 08:00:38 |
Building America\'s Trust Act would amp up privacy concerns at the border (lien direct) |
Civil libertarians tell Ars they're worried about “mass surveillance expansion.†|
|
|
|
|
2017-08-03 15:45:25 |
After phishing attacks, Chrome extensions push adware to millions (lien direct) |
Compromised accounts push fraudulent extension updates to unsuspecting users. |
|
|
|
|
2017-07-26 20:28:19 |
Microsoft expands bug bounty program to cover any Windows flaw (lien direct) |
Now every part of Windows is covered by a bug bounty scheme. |
|
|
|
|
2017-07-24 23:08:34 |
“Perverse†malware infecting hundreds of Macs remained undetected for years (lien direct) |
Surveillance malware dubbed Fruitfly was easy to spot but flew under the radar anyway. |
|
|
|
|
2017-07-21 18:55:14 |
Microsoft\'s secret weapon in ongoing struggle against Fancy Bear? Trademark law (lien direct) |
"Redirecting…Strontium domains will directly disrupt current Strontium infrastructure." |
|
APT 28
|
|
|
2017-07-20 21:57:55 |
Google drops the boom on WoSign, StartCom certs for good (lien direct) |
Citing “certificate misissuance,†Google to expire all certs from offenders by September. |
|
|
|
|
2017-07-20 16:05:39 |
FCC has no documentation of DDoS attack that hit net neutrality comments (lien direct) |
Records request denied because FCC made no "written documentation" of attack. |
|
|
|
|
2017-07-19 18:03:14 |
Russian man who helped create notorious malware sentenced to 5 years (lien direct) |
DOJ: Citadel led to $500 million in losses for banks. |
|
|
|
|
2017-07-18 17:25:29 |
Security experts from Google, Facebook, Crowdstrike want to save US elections (lien direct) |
"Defending Digital Democracy" will "generate innovative ideas" to safeguard democracy. |
|
|
|
|
2017-07-13 16:08:06 |
Samba puts out new security update to address exploit that fueled WannaCry (lien direct) |
Vuln hit "all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos." |
|
Wannacry
|
|
|
2017-07-12 17:15:42 |
Miscreants have been pillaging credit cards from Trump Hotels\' booking system (lien direct) |
Hacks across 14 properties began in July 2016 and were stopped in March 2017. |
|
|
|