Cybersecurity

RAMBleed vulnerability

A team of researchers representing several universities has disclosed the details a new type of side-channel attack: Researchers show with RAMBleed that it’s possible to use Rowhammer-style side-channel attacks to read protected memory. RAMBleed takes Rowhammer in a new direction. Rather than using bit flips to alter sensitive data, the new technique exploits the hardware

Cyber security news in June 2019

This posting is here to collect cyber security news in June 2019. I post links to security vulnerability news to comments of this article. If you are interested in cyber security trends, read my Cyber security trends 2019 posting. You are also free to post related links.  

Deep Dive: Intel Analysis of Microarchitectural Data Sampling

https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-microarchitectural-data-sampling This technical deep dive expands on the information in the Microarchitectural Data Sampling (MDS) guidance. Be sure to review the disclosure overview for software developers first and apply any microcode updates from your OS vendor. Apple, Amazon, Google, Microsoft and Mozilla release patches for ZombieLoad chip flaws https://techcrunch.com/2019/05/14/intel-chip-flaws-patches-released/ Intel MDS Vulnerabilities: What You Need

Cyber Security Trends May 2019

This posting is here to collect cyber security news in May 2019. I post links to security vulnerability news to comments of this article. If you are interested in cyber security trends, read my Cyber security trends 2019 posting. You are also free to post related links.  

China Spying on Undersea Internet Cables – Schneier on Security

https://www.schneier.com/blog/archives/2019/04/china_spying_on.html It seems that supply chain security is an insurmountably hard problem in Internet age. For years, the US and the Five Eyes seems to have had a monopoly on spying on the Internet around the globe. Now other countries seem to want in too. The recent focus on cyber security discussion has been a

Update Putty

PuTTY is one of most used open-source client-side programs to remotely access computers over secure SSH network protocol from Windows workstations. I use it very often to connect to embedded Linux devices and Linux servers. Based on latest news it might be now a very good idea to update it to latest version 0.71: PuTTY

New Tech Secures Medical Devices By Using Your Body as a Conduit for Communication

https://blog.hackster.io/new-tech-secures-medical-devices-by-using-your-body-as-a-conduit-for-communication-8ca7b8128f67 The article says: “Virtually all wearable devices today communicate wirelessly through either Bluetooth, WiFi, or simple RF (Radio Frequency) signals. While we could try to make those more secure, there is always the possibility that they could be intercepted or spoofed. This new technology avoids the problem altogether by allowing devices to communicate across

Linux kernel 5.0 released

https://www.cyberciti.biz/linux-news/linux-kernel-5-0-released-how-to-install/ Linus Torvalds the creator and the principal developer of the Linux kernel announced the release of Linux kernel version 5.0. This release increases the major kernel version number to 5. from 4.x. There are not any major changed in features but still normal set of changes you can expect from version to another. On