AMD Acknowledges Vulnerabilities, Will Roll Out Patches In Coming Weeks

AMD on Tuesday acknowledged several vulnerabilities that had been reported in its Ryzen and EPYC chips, and said that it would roll out PSP firmware patches in the coming week.

Telegram Ordered to Hand Over Encryption Keys to Russian Authorities

Popular secure messaging service Telegram loses battle with Russian courts and now must hand over encryption keys or face being blocked from the country.

Programs Controlling ICS Robotics Are ‘Wide Open’ to Vulnerabilities

Dewan Chowdhury, founder of MalCrawler, talks at SAS about the risks that companies face when securing their industrial control systems and robotics.

Researchers Show How Popular Text Editors Can Be Attacked Via Third-Party...

Security risk in extensible text editors enable hackers to abuse plugins and escalate privileges.

Facebook Data Privacy Policies Bashed By Critics After Cambridge Analytica Incident

Facebook is in hot water after acknowledging that a consulting group – that has worked on several high profile political campaigns, including that of President Donald Trump's – used the social media platform to harvest the data of 50 million users.

A Mirai Botnet Postscript: Lessons Learned

Threatpost's Tom Spring sits down with Flashpoint and Akamai to discuss how the two companies worked together to address the 2016 Mirai DDoS attacks.

VU#306792: Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions

Bouncy Castle BKS version 1 keystore files use an HMAC that is only 16 bits long,which can allow an attacker to crack a BKS-V1 keystore file in seconds.

Cisco Umbrella Dashboard Session Expiration Issue

Cisconbsp;Umbrella uses the internet infrastructure to block connections to malicious destinations before any connections to those destinations can be established.

Cisconbsp;Umbrella also provides visibility into internet activity across all devi...

New Microsoft Bug Bounty Program Looks To Squash The Next Spectre,...

Microsoft is looking to target new speculative execution side channel vulnerabilities - similar to Spectre and Meltdown - with a new bug bounty program.

The ‘Perfect Storm’ of Disinformation and Hacking

Matt Tait gives a list of examples throughout history where politically motivated groups have used disinformation and hacking as part of a campaign to shape public opinion.

Intel Details CPU ‘Virtual Fences’ Fix As Safeguard Against Spectre, Meltdown...

Intel is introducing hardware-based protections to its new chips to protect against the Spectre and Meltdown flaws that rocked the silicon industry when they were announced in early 2018.

GandCrab Ransomware Crooks Take Agile Development Approach

Despite setbacks hackers behind GandCrab malware are pushing ahead with lucrative new ransomware strain thanks to quick-and-dirty agile development approach.