Intel halts firmware updates for Meltdown, Spectre after identifying reboot issues

Security Digest Information security news and advice from TechTarget's network |January 24, 2018 FEATURED STORY Intel Meltdown patches pulled with little explanation by Michael Heller, Senior Reporter Intel claims it has determined why the Spectre and Meltdown patches caused issues on some chips. The vendor is working on a fix and suggests users don't patch for now. (SearchSecurity.com) Advertisement NEWS   Gemalto Sentinel flaws could lead to ICS attacks Security researchers found 14 vulnerabilities in Gemalto Sentinel hardware tokens which could allow dangerous ICS attacks, including full system takeover. (SearchSecurity.com)   Okiru malware puts billions of connected devices at risk News roundup: Okiru, a new Mirai variant, could put over 1.5 billion devices at risk of a botnet. Plus, G Suite Enterprise now comes with a security center, and more. (SearchSecurity.com)   Risk & Repeat: Let's Encrypt certificates offer pros, cons In this week's Risk & Repeat podcast, SearchSecurity editors discuss Let's Encrypt certificates and weigh the positives and negatives the free certificate authority provides. (SearchSecurity.com)   Trisis ICS malware was publicly available after attack The Trisis ICS malware used in a cyberattack on an oil and gas company in Saudi Arabia in December has been publicly available for weeks after being copied by unknown actors. (SearchSecurity.com)   The strange case of the 'HP backdoor' in Lenovo switches Lenovo's discovery of an authentication bypass, literally titled "HP backdoor," within its networking switches brings unsettling implications for the IT industry. (SearchSecurity.com)   Skygofree Android spyware is a powerful surveillance tool A new Android spyware tool called Skygofree was described as one of the most powerful surveillance tools and can even capture encrypted messages from WhatsApp. (SearchSecurity.com) EXPERT ADVICE   Insider threat behavior: How to identify warning signs Enterprises can prevent insider threat incidents if they know what to look for. Peter Sullivan explains the precursors to and precipitating events for insider threat behavior. (SearchSecurity.com)   How HTTP security headers can defend enterprise systems HTTP security headers that have the right configurations can be used as defense methods against cyberattacks. Expert Judith Myerson outlines how to use headers this way. (SearchSecurity.com)   TLS 1.3: What it means for enterprise cloud use The latest draft version of TLS 1.3 is out, and it will likely affect enterprises that use cloud services. Expert Ed Moyle explains the impact on users and their monitoring controls. (SearchCloudSecurity.com)   Are you next-gen secure? Defense-in-depth security key to IT Consider security compliance regulations for your industry as a starting point and a guide for planning your specific approach to enterprise endpoint protection. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2017 TechTarget. All rights reserved.