New side-channel attack for Intel chips puts private data at risk

Security Digest Information security news and advice from TechTarget's network| November 7, 2018 FEATURED STORY PortSmash side-channel attack targets Intel Hyper-Threading by Michael Heller, Senior Reporter The latest side-channel attack against Intel chips, known as PortSmash, targets Hyper-Threading in order to steal data, such as private OpenSSL keys from a TLS server. (SearchSecurity.com) Advertisement NEWS   Latest Symantec acquisitions target endpoint security Endpoint security startups Appthority and Javelin Networks are the latest Symantec acquisitions as the cybersecurity giant aims to improve its endpoint protection product. (SearchSecurity.com)   As PHP v5 nears its end, enterprises face serious threats The majority of websites still use the outdated PHP v5, according to recent data, causing concern over the fact that it will stop receiving security support at the end of the year. (SearchSecurity.com)   Kraken ransomware gets packaged into Fallout EK Malwarebytes' report, 'Cybercrime Tactics and Techniques Q3 2018,' highlights how businesses became the focus of cyberattacks versus consumers over the past three months. (SearchSecurity.com)   Bleedingbit vulnerabilities put Wi-Fi access points at risk Armis researchers discovered two chip-level Bluetooth vulnerabilities -- dubbed Bleedingbit -- that could allow pseudo-remote code execution on wireless access points. (SearchSecurity.com)   SamSam ransomware campaigns continue to target U.S. in 2018 News roundup: SamSam ransomware targeted 67 organizations in 2018, according to research. Plus, Equifax is sending its breach victims to Experian for credit monitoring, and more. (SearchSecurity.com)   Radisson hotel group could be GDPR test case Privacy watchers say the breach of personal data of members of the Radisson Hotel Group’s loyalty scheme could be an interesting test case for how the GDPR will be applied. (ComputerWeekly.com) EXPERT ADVICE   What Microsoft's InPrivate Desktop feature could mean for enterprises Microsoft's secretive, potential new feature InPrivate Desktop could give security teams access to disposable sandboxes. Expert Ed Moyle explains how the feature could work. (SearchCloudSecurity.com)   How testing perspectives helps find application security flaws Application security testing requires users to test from all the right perspectives. Discover testing techniques that help find application security flaws with expert Kevin Beaver. (SearchSecurity.com)   How deception technologies improve threat hunting, response Deception tech tools enable more effective threat hunting and incident response. Learn how these tools can give security pros an edge in defending their company systems and data. (SearchSecurity.com)   How does the public Venmo API pose a threat for users? The public Venmo API setting puts users at risk by providing detailed insight into their transactions and personal lives. Expert Michael Cobb discusses the risks of public APIs. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.