Wednesday, January 24, 2018

Intel halts firmware updates for Meltdown, Spectre after identifying reboot issues

Security Digest
Information security news and advice from TechTarget's network |January 24, 2018
TechTarget
FEATURED STORY
Intel Meltdown patches pulled with little explanation
by Michael Heller, Senior Reporter

Intel claims it has determined why the Spectre and Meltdown patches caused issues on some chips. The vendor is working on a fix and suggests users don't patch for now. (SearchSecurity.com)

Advertisement
NEWS
 
Gemalto Sentinel flaws could lead to ICS attacks

Security researchers found 14 vulnerabilities in Gemalto Sentinel hardware tokens which could allow dangerous ICS attacks, including full system takeover. (SearchSecurity.com)

 
 
Okiru malware puts billions of connected devices at risk

News roundup: Okiru, a new Mirai variant, could put over 1.5 billion devices at risk of a botnet. Plus, G Suite Enterprise now comes with a security center, and more. (SearchSecurity.com)

 
Risk & Repeat: Let's Encrypt certificates offer pros, cons
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Let's Encrypt certificates and weigh the positives and negatives the free certificate authority provides. (SearchSecurity.com)
 
 

Trisis ICS malware was publicly available after attack

The Trisis ICS malware used in a cyberattack on an oil and gas company in Saudi Arabia in December has been publicly available for weeks after being copied by unknown actors. (SearchSecurity.com)

 
The strange case of the 'HP backdoor' in Lenovo switches
Lenovo's discovery of an authentication bypass, literally titled "HP backdoor," within its networking switches brings unsettling implications for the IT industry. (SearchSecurity.com)
 
Skygofree Android spyware is a powerful surveillance tool
A new Android spyware tool called Skygofree was described as one of the most powerful surveillance tools and can even capture encrypted messages from WhatsApp. (SearchSecurity.com)
 
 
 
EXPERT ADVICE
 
Insider threat behavior: How to identify warning signs

Enterprises can prevent insider threat incidents if they know what to look for. Peter Sullivan explains the precursors to and precipitating events for insider threat behavior. (SearchSecurity.com)

 
How HTTP security headers can defend enterprise systems
HTTP security headers that have the right configurations can be used as defense methods against cyberattacks. Expert Judith Myerson outlines how to use headers this way. (SearchSecurity.com)
 
 
 
 

TLS 1.3: What it means for enterprise cloud use

The latest draft version of TLS 1.3 is out, and it will likely affect enterprises that use cloud services. Expert Ed Moyle explains the impact on users and their monitoring controls. (SearchCloudSecurity.com)

 
 
Are you next-gen secure? Defense-in-depth security key to IT

Consider security compliance regulations for your industry as a starting point and a guide for planning your specific approach to enterprise endpoint protection. (SearchSecurity.com)

About This E-Newsletter
This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for.

TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com

Copyright 2017 TechTarget. All rights reserved.
TechTarget

No comments: