New Spectre variant introduces additional side channel risks

Security Digest Information security news and advice from TechTarget's network| May 23, 2018 FEATURED STORY Newly disclosed Spectre variant 4 brings more side channel concerns by Rob Wright, Associate Editorial Director A new Spectre vulnerability was disclosed this week, adding to concerns about side channel attacks exploiting speculative execution in modern processors. (SearchSecurity.com) Advertisement NEWS   Recorded Future: Iranian cyberattacks poised to resume Recorded Future's Levi Gundert explains why major cyberattacks against Western enterprises are expected to resume following the United States' withdrawal from the Iran nuclear deal. (SearchSecurity.com)   North Korean hackers linked to Google Play spyware The 'Sun Team' group of North Korean hackers placed malicious apps in the Google Play store to target defectors and steal personal data such as photos, contacts and SMS messages. (SearchSecurity.com)   Risk & Repeat: Why Ray Ozzie's Clear proposal isn't so clear In this week's Risk & Repeat podcast, SearchSecurity editors discuss Ray Ozzie's solution for going dark, known as Clear, and what infosec experts are saying about it. (SearchCloudSecurity.com)   Securus hack exposes law enforcement customers of location tracking Following news that it provides near real-time location data to law enforcement without warrants, a Securus hack exposed information on those law enforcement customers. (SearchSecurity.com)   Telegrab malware threatens Telegram desktop users News roundup: Telegrab malware enables hackers to grab encryption keys and browser credentials from Telegram sessions. Plus, DHS released its new cybersecurity strategy, and more. (SearchSecurity.com)   Vault 7 leak suspect is a former CIA employee already in custody The U.S. government has identified a man already in custody on unrelated charges as the suspect in the Vault 7 leak, but it is unclear how much evidence supports the case. (SearchCloudSecurity.com) EXPERT ADVICE   DeOS attacks: How enterprises can mitigate the threat An increase in DeOS attacks has been reported just as the 'Cisco 2017 Midyear Cybersecurity Report' predicted. Learn how these attacks target off-site backups with David Geer. (SearchSecurity.com)   How to prevent cloud cryptojacking attacks on your enterprise As the value of bitcoin has risen over the last year, so has the prevalence of cloud cryptojacking attacks. Expert Rob Shapland explains how enterprises can prevent these attacks. (SearchCloudSecurity.com)   Are Meltdown and Spectre real vulnerabilities or mere flaws? There's been some debate over whether Meltdown and Spectre are true vulnerabilities. Expert Michael Cobb discusses what qualifies as a vulnerability and if these two make the cut. (SearchSecurity.com)   How does the Terror exploit kit spread through malicious ads Zscaler recently discovered a malvertising campaign that spreads the Terror exploit kit through malicious ads. Discover more about the threat with expert Nick Lewis. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.