Intel Halts Spectre Fixes On Older Chips, Citing Limited Ecosystem Support

Intel has halted patches for an array of older chips that would protect them against the Spectre vulnerability, according to a recent microcode update.
The microcode update[1] shows that its older products – including Wolfdale, Bloomfield, Clarksfield, Gulftown, Harpertown, Jasper Forest, SoFIA 3GR, and Yorkfield – will no longer receive patches. Read More

Uncategorized,Security & Privacy,Cloud Security




GoScanSSH Malware Targets SSH Servers, But Avoids Military and .GOV Systems

Researchers have identified a new malware family, dubbed GoScanSSH, that targets public facing SSH servers, but avoids those linked to government and military IP addresses.
The malware has been in the wild since June 2017 and exhibits a number of unique characteristics, such as being written in the Go (Golang) programming language, avoiding military targets and tailoring malware binaries for each target, according to Cisco Talos, which first identified the malware and posted research about it on Monday[1]. Read More

Uncategorized,Security & Privacy,Cloud Security


Senate Gives Nod To Controversial Cross-Border Data Access Bill

The United States Senate on Thursday approved a controversial cross-border data access act, dubbed the CLOUD Act, that was part of the overall omnibus government spending bill.
Buried on page 2,201 of the government spending bill is the Clarifying Lawful Overseas Use of Data Act (the CLOUD Act), a provision that sets rules for how the government should handle accessing personal data that is stored by tech platforms abroad. For the US specifically, the bill would permit law enforcement to access citizens’ information that is stored on systems in a different country, given that they have a US court-approved subpoena. Read More

Uncategorized,Security & Privacy,Cloud Security


Orbitz Warns 880,000 Payment Cards Suspected Stolen

Expedia-owned travel site Orbitz said Tuesday a possible breach of both its consumer and partner platforms may have led to the disclosure of 880,000 payment cards.
According to Expedia, criminals had access to Orbitz consumer and business partner platforms, but not the Orbitz.com website. The consumer side of the Orbitz business platform was open to attack during the first half of 2016, while the partner platform was open to attacked between Jan. 1, 2016 and Dec. 22, 2017, according to Expedia. Read More

Uncategorized,Security & Privacy,Cloud Security