Vulnerabilities

Google details CPU flaws, claims AMD, ARM and Intel all affected

Google details CPU flaws, claims AMD, ARM and Intel all affected

Google has come forward to claim responsibility for discovering a pair of serious security holes in Intel processors that run almost 9 in 10 computers in the world. And worse: the company has echoed a statement by Intel yesterday that the flaws are not specific to that company’s chips. Contrary to published reports, a blog post on the Google Security Blog by Matt Linton, a Senior Security Engineer at Google and Pat Parseghian, a Technical Program Manager said that flaws dubbed “Specter” (PDF) and “Meltdown” (PDF) are not limited to chips by Intel, but exist in central processing unit (CPU) chips by a wide range of vendors including Intel, AMD and ARM. Google discovered the flaws The flaws were discovered by Jann Horn, a researcher for Google’s Project Zero security team, discovered the flaw and showed how malicious actors could game a common CPU feature known as “speculative execution” to […]

Uber paid $100,000 to a Florida man to keep quiet about the theft of its customer data. The repercussions could damage the reputation of bounty programs, experts warn.

Podcast: will Uber’s Florida Man Problem chill Bug Bounties?

Podcast: Play in new window | DownloadSubscribe: Android | RSSIn our latest podcast: the ride sharing firm Uber finds itself on the wrong side of a Florida Man story after paying $100,000 in hush money to a man from The Sunshine State who stole information on 57 million Uber customers. We speak with Katie Moussouris about how the company’s actions could affect the future of the young vulnerability disclosure industry. Also: with BitCoins trading for $16,000 each, Wandera researcher Dan Cuddeford joins us to talk about mobile crypto-jacking schemes that hijack mobile devices to mine crypto currencies. And we invite Alan Brill of the firm Kroll back to discuss recent House of Representatives hearings on the future of authentication in an age of rampant data sharing and data theft.

Cisco said that it discovered a slew of new flaws in Foscam's indoor IP cameras that could expose the devices to remote attacks.

Cisco Talos finds More Flaws in Foscam Cameras

Cisco Systems is warning the public about a range of new vulnerabilities it has discovered in IP cameras from the firm Foscam, a popular maker of commercial and consumer surveillance cameras, the second trove of software security holes uncovered since June.