News Posts matching #cybersecurity

Return to Keyword Browsing

Certain "Special Purpose Systems" Variants of Windows 11 Ship Without the TPM 2.0 Requirement

Perhaps the most controversial system requirement of the upcoming Windows 11 operating system is the need for a hardware trusted platform module that meets TPM 2.0 specs. Most modern computers fulfill this requirement using fTPM (firmware TPM) solutions built into their processors; and those that don't, have TPM headers for add-on TPMs, which scalpers have their eye on. It turns out, that Microsoft is designing special variants of Windows 11 for special contracts Microsoft will execute.

Computers sold under the scheme will be marked "special purpose systems," and the Windows 11 version running them will do away with the TPM 2.0 requirement. These systems are very likely to be Government or Military; or perhaps even variants Microsoft exports to countries like China and Russia, which have their own specialized cybersecurity policies and dictate software to be written a certain way to be sold in the country.

Kingston Technology Wins Coveted Global InfoSec Awards During RSA Conference 2021

Kingston Digital, Inc., the flash memory affiliate of Kingston Technology Company, Inc., a world leader in memory products and technology solutions, is proud to announce it has won the following Global InfoSec Awards for its encrypted USB solutions family from Cyber Defense Magazine (CDM), the industry's leading electronic information magazine: Data Loss Prevention Market Leader; Encryption Market Leader; Wireless, Mobile, or Portable Device Security—Most Innovative.

Kingston is the market leader in encrypted USB drives featuring solutions that range from FIPS 197-certified encryption, all the way to the toughest FIPS 140-2 Level 3 IronKey S1000, that is armed with an on-device cryptochip to protect the most sensitive data. Kingston's encrypted drives are an important tool for the government and military, as well as organizations that adhere to strict regulations, including FIPS, HIPAA, Sarbanes-Oxley, GDPR and CCPA.

Phison and Cigent Partnership Sets New Standard in Cybersecurity

Phison Electronics Corp., a global leader in NAND flash controllers and a complete line of storage solutions, and Cigent Technology, Inc., the leader in embedded cybersecurity technology, today unveiled design details behind the partnership that has delivered the industry's first and only line of self-defending storage devices with cybersecurity built into the firmware itself to protect against ransomware, data theft and malicious insider theft.

Phison's innovative and robust NAND flash solutions support a broad range of applications including embedded, consumer, enterprise and automotive. The Phison Crypto-SSD is a line of TCG enabled Self-Encrypting Drives that are designed to pass FIPS 140-3 Level 2 certification. Phison is committed to data security which helps to protect business and government users against loss or theft. Phison's collaboration with Cigent expands the E12DC Crypto-SSD security architecture to add additional compute capabilities, attack detectors and sensors directly on the drive. Together with Cigent, Phison has created a product that raises the bar of data security to a whole new level.

Flexxon Announces X-Fly AI-embedded NVMe SSD

Singapore cybersecurity firm Flexxon on Monday launched the world's first solid-state drive (SSD) embedded with artificial intelligence (AI) data security. As the "last line of defence" to protect data at the hardware level, the SSD is able to guard against both remote and physical attacks, boasting a range of features including temperature sensors to detect unusual movements that occur. In the event of such an incursion, the device - also known as X-PHY - will alert the user via email and lock itself to prevent any physical tampering. Users may then unlock the device via a dynamic authentication process. For clients with high security needs, such as the military, data may be automatically wiped should the device fall into the wrong hands.

Minister for Foreign Affairs and Minister-in-charge of Singapore's Smart Nation Initiative Vivian Balakrishnan said that the innovation was a "breakthrough" and a significant step in increasing security and safety for end users, having put AI into the firmware layer of an SSD. Congratulating Flexxon on its new product, Dr Balakrishnan - who was the guest-of-honour at the launch - also called on similar companies to include research institutes, universities and the private sector to enhance local research and development efforts in AI.

Hundreds of Millions of Dell Laptops and Desktops Vulnerable to Privilege Escalation Attacks

Dell notebooks and desktops dating all the way back since 2009—hundreds of millions of them the PC giant has shipped since—are vulnerable to unauthorized privilege escalation attacks, due to a faulty OEM driver the company uses to update the computer's BIOS or UEFI firmware, according to findings by cybersecurity researchers at SentinelLabs. "DBUtil," a driver that Dell machines load during automated or unattended BIOS/UEFI update processes initiated by the user from within the OS, is found to have vulnerabilities that malware can exploit to "escalate privileges from a non-administrator user to kernel mode privileges."

SentinelLabs chronicled its findings in CVE-2021-21551, which details five individual flaws. Two of these point out flaws that can escalate user privileges through controlled memory corruption, two with lack of input validation; and one with denial of service. Organizations that have remote updates enabled for their client machines are at risk, since the flaw can be exploited over network. "An attacker with access to an organization's network may also gain access to execute code on unpatched Dell systems and use this vulnerability to gain local elevation of privilege. Attackers can then leverage other techniques to pivot to the broader network, like lateral movement," writes SentielLabs in its paper.

QNAP NAS Affected by Qlocker Ransomware, Company Advises Immediate Action to Secure Your Data

QNAP Systems, Inc. (QNAP), a leading computing, networking and storage solution innovator, today issued a statement in response to recent user reports and media coverage that two types of ransomware (Qlocker and eCh0raix) are targeting QNAP NAS and encrypting users' data for ransom. QNAP strongly urges that all users immediately install the latest Malware Remover version and run a malware scan on QNAP NAS. The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. QNAP is urgently working on a solution to remove malware from infected devices.

QNAP has released an updated version of Malware Remover for operating systems such as QTS and QuTS hero to address the ransomware attack. If user data is encrypted or being encrypted, the NAS must not be shut down. Users should run a malware scan with the latest Malware Remover version immediately, and then contact QNAP Technical Support at this page.

OWC Partners with Acronis, to Include Backup and Anti-Ransomware with Select Products

OWC, the premier zero-emissions Mac and PC technology company, and a respected provider of Memory, External Drives, SSDs, Mac & PC docking solutions, and performance upgrade kits, announces partnership with Acronis, making Acronis True Image OEM software available on OWC storage solutions that include SoftRAID today and will consist of additional or all OWC storage solutions in the future. Integrating best-of-breed backup and recovery with AI-enhanced anti-ransomware technology, Acronis' solution ensures that a user's digital life is protected - photos, files, applications, operating systems, and the devices they're on.

Backing up and protecting data is critically important, yet too often the task falls to the bottom of the to-do list. Acronis True Image OEM is designed to complement a user's existing workflow. And with modern ransomware targeting backup files and processes, it is the world's first solution to unify backup and anti-ransomware capabilities in one to ensure data is protected from accidents, failures, and cyber attacks.

NVIDIA and Global Computer Makers Launch Industry-Standard Enterprise Server Platforms for AI

NVIDIA today introduced a new class of NVIDIA-Certified Systems, bringing AI within reach for organizations that run their applications on industry-standard enterprise data center infrastructure. These include high-volume enterprise servers from top manufacturers, which were announced in January and are now certified to run the NVIDIA AI Enterprise software suite—which is exclusively certified for VMware vSphere 7, the world's most widely used compute virtualization platform.

Further expanding the NVIDIA-Certified servers ecosystem is a new wave of systems featuring the NVIDIA A30 GPU for mainstream AI and data analytics and the NVIDIA A10 GPU for AI-enabled graphics, virtual workstations and mixed compute and graphics workloads, also announced today.

NVIDIA Extends Data Center Infrastructure Processing Roadmap with BlueField-3 DPU

NVIDIA today announced the NVIDIA BlueField -3 DPU, its next-generation data processing unit, to deliver the most powerful software-defined networking, storage and cybersecurity acceleration capabilities available for data centers.

The first DPU built for AI and accelerated computing, BlueField-3 lets every enterprise deliver applications at any scale with industry-leading performance and data center security. It is optimized for multi-tenant, cloud-native environments, offering software-defined, hardware-accelerated networking, storage, security and management services at data-center scale.

Acer Reportedly Hit By $50 Million Ransomware Attack

Acer has reportedly been hit with a REvil ransomware attack covering financial spreadsheets, bank balances, and bank communications. The actors are demanding a 50 million USD ransom which is one of the highest amounts ever demanded in a breach of this type. Acer has not confirmed the report instead stating that they "reported recent abnormal situations" to the relevant authorities. Communication between REvil and Acer began on March 14th with the attackers demanding payment in XMR cryptocurrency via a Tor website in return for the decryptor, a vulnerability report, and the deletion of stolen files. The cause of the attack appears to be a vulnerability in Microsoft Exchange which has now been patched but was not updated by Acer. The group is demanding payment before March 28th or the price will double to 100 million USD.

NETGEAR Introduces Powerful New Tri-Band Mesh WiFi to the Portfolio of Nighthawk Mesh WiFi 6 Systems

NETGEAR, Inc., the worldwide leading provider of award-winning advanced mesh WiFi for home and office, has today announced the addition of a new tri-band mesh system to the family of Nighthawk Mesh - Nighthawk Tri-band Mesh WiFi 6 System (MK83). Providing powerful mesh WiFi 6, this latest offering from NETGEAR is designed to blanket the whole home with high-performance WiFi to manage more devices on the network and eliminate dead zones in every room of the house.

The powerful quad-core processor of the Nighthawk Tri-band Mesh WiFi 6 system delivers more processing power than WiFi 5, increasing the overall WiFi performance. This enables the mesh system to support the demands of today's homes from streaming, gaming, video conferencing for distance learning and remote work to powering the growth of smart home devices. Get immersed in UHD streaming and enjoy lag-free gaming with Nighthawk's combined WiFi speeds of up to 3.6Gbps that is more than capable of delivering up to Gigabit internet speeds throughout out the home. Newer WiFi 6 technology powers up to four times the performance and capacity of previous generation WiFi 5 (802.11ac) but still provides 100% backwards compatibility to earlier generations of WiFi devices (802.11a/b/g/n/ac) so all devices can connect at top speeds.

NETGEAR Debuts WiFi 6E With New Nighthawk RAXE500 Tri-band WiFi Router

NETGEAR, Inc. (NASDAQ: NTGR), the worldwide leading provider of award-winning advanced networking products for home and office has today announced, during the historic virtually-hosted CES 2021, the introduction of the world's first all-purpose WiFi 6E router, the Nighthawk RAXE500 Tri-band WiFi router. Promised to elevate the WiFi experience by providing speeds up to 10.8Gbps, this latest addition to the Nighthawk line of performance routers ushers in a new era of fast connectivity on the new 6Ghz band, free of interference and congestion.

Working, learning, and video streaming from home has placed greater demands on home WiFi networks. Devices in these ultra-connected households have been in a constant contest for bandwidth on crowded WiFi networks. WiFi 6E resolves these congestion issues by adding previously unavailable 6GHz WiFi spectrum that can be used to broadcast WiFi signals and connect to more devices with faster speeds and reliability. Up until the introduction of WiFi 6E, WiFi routers have been limited to the 2.4GHz and 5GHz bands. The new third 6GHz band will dramatically increase the capacity of networks to support more devices.

Intel Introduces new Security Technologies for 3rd Generation Intel Xeon Scalable Platform, Code-named "Ice Lake"

Intel today unveiled the suite of new security features for the upcoming 3rd generation Intel Xeon Scalable platform, code-named "Ice Lake." Intel is doubling down on its Security First Pledge, bringing its pioneering and proven Intel Software Guard Extension (Intel SGX) to the full spectrum of Ice Lake platforms, along with new features that include Intel Total Memory Encryption (Intel TME), Intel Platform Firmware Resilience (Intel PFR) and new cryptographic accelerators to strengthen the platform and improve the overall confidentiality and integrity of data.

Data is a critical asset both in terms of the business value it may yield and the personal information that must be protected, so cybersecurity is a top concern. The security features in Ice Lake enable Intel's customers to develop solutions that help improve their security posture and reduce risks related to privacy and compliance, such as regulated data in financial services and healthcare.

NVIDIA Introduces New Family of BlueField DPUs to Bring Breakthrough Networking, Storage and Security Performance to Every Data Center

NVIDIA today announced a new kind of processor—DPUs, or data processing units—supported by DOCA, a novel data-center-infrastructure-on-a-chip architecture that enables breakthrough networking, storage and security performance.

NVIDIA founder and CEO Jensen Huang revealed the company's three-year DPU roadmap in today's GPU Technology Conference keynote. It features the new NVIDIA BlueField -2 family of DPUs and NVIDIA DOCA software development kit for building applications on DPU-accelerated data center infrastructure services.

NETGEAR Extends WiFi6 Leadership with 2nd Orbi Mesh System Delivering Gigabit WiFi Everywhere in the Home

NETGEAR, the leading provider of mesh WiFi systems that power today's smart homes and small businesses, is introducing the next WiFi 6 member of the Orbi Mesh WiFi family, NETGEAR Orbi WiFi 6 AX4200 Tri-band Mesh Systems (RBK752/753). Joining the flagship Orbi WiFi 6 AX6000 Tri-band Mesh System (RBK852), this new Orbi Mesh System, with its attractive price point, is designed to make robust whole home WiFi 6 mesh accessible to more households around the globe. While accelerating the transition to the latest in WiFi technology, the new Orbi Tri-band Mesh WiFi system is available now as a two pack, router and satellite system (RBK752), and a three pack, router with two satellites (RBK753), from NETGEAR.com and other retailers.

Following on the tremendous success of the award-winning Orbi WiFi 6 AX6000 mesh system (RBK852) and the numerous WiFi 6 clients now available from phone and laptop manufacturers, the Orbi AX4200 WiFi 6 Mesh Systems join NETGEAR's industry-leading portfolio of WiFi 6 network product offerings. The two new WiFi 6 mesh systems make the ideal upgrade for the customer who wishes to get the benefits of both the WiFi performance and coverage of a tri-band mesh and the capacity to handle multiple devices with WiFi 6 for their home but at a more attractive price point. Tri-band mesh WiFi provides a network of wireless router and satellites with a dedicated data connection from router to satellite to ensure the best performance and reach through the entire home.

New "Plundervolt" Intel CPU Vulnerability Exploits vCore to Fault SGX and Steal Protected Data

A group of cybersecurity researchers have discovered a new security vulnerability affecting Intel processors, which they've craftily named "Plundervolt," a portmanteau of the words "plunder" and "undervolt." Chronicled under CVE-2019-11157, it was first reported to Intel in June 2019 under its security bug-bounty programme, so it could secretly develop a mitigation. With the 6-month NDA lapsing, the researchers released their findings to the public. Plundervolt is described by researchers as a way to compromise SGX (software guard extensions) protected memory by undervolting the processor when executing protected computations, to a level where SGX memory-encryption no longer protects data. The researchers have also published proof-of-concept code.

Plundervolt is different from "Rowhammer," in that it flips bits inside the processor, before they're written to the memory, so SGX doesn't protect them. Rowhammer doesn't work with SGX-protected memory. Plundervolt requires root privileges as software that let you tweak vCore require ring-0 access. You don't need direct physical access to the target machine, as tweaking software can also be remotely run. Intel put out security advisory SA-00298 and is working with motherboard vendors and OEMs to release BIOS updates that pack a new microcode with a mitigation against this vulnerability. The research paper can be read here.

NETGEAR Expands the Orbi Family with New Dual Band Mesh System- Slim and Sleek Design with Powerful WiFi

NETGEAR, the leading provider of performance mesh WiFi networking systems, is today introducing the latest addition to the popular Orbi Whole Home WiFi System. This new Orbi Dual Band Mesh WiFi System (RBK13) which consists of one router and one or more satellites is best suited to cover a medium to large sized home from 3,000 sq. ft. or higher to provide reliable WiFi for streaming and gaming. This new Orbi Mesh WiFi offering also features NETGEAR Armor cybersecurity to keep your home safe from online threats and Circle Smart Parental Controls to manage screen time.

The latest addition to the Orbi Whole Home WiFi System product family combines performance with style delivering combined speeds up to 1.2 Gbps for households with a large number of internet-connected devices. The new compact and modern design will blend subtly with a home's décor inconspicuously sitting on a shelf, counter or entertainment center. The setup is made easy and completed in minutes through the Orbi app from your Android or iOS mobile device, which also enables management of the home WiFi. Orbi works with either Amazon Alexa or Google Assistant enabling voice management of frequently used functions like enabling guest WiFi.

A Case for Windows Defender: Triad of Perfect Scores in AV-Test

Here's a strange thing: a case for a free, bundled software solution being better (in the metrics concerned and evaluated) than paid, third-party counterparts. We're writing of none other than Microsoft's own Windows Defender suite, which is bundled with Windows and offers a security solution integrated into your OS. While the "paid is always better" philosophy has been proven wrong time and again and isn't that much of a powerhouse behind users' thought process anymore, the fact is that Windows Defender has somewhat been taken for granted as an "undesirability" in users' computers. However, a comparison made by AV-Test, which pits many of the available cybersecurity solutions available on the market, has found Microsoft's Windows Defender to be worthy of a triad of perfect scores.

The results for Windows Defender include perfect (6.0) scores in the "Protection", "Performance" and Usability" categories. The testing period refers to May through June of this year, and only F-Secure SAFE 17, Kaspersky Internet Security 19 and Norton Security 22.17 managed to get the same perfect scores as Windows Defender Version 4.18. Check out the link for the score of your cybersecurity solution of choice. But it's clear that least where this period is concerned, Windows Defender walked circles around some paid solutions.

NETGEAR Delivers Advanced Network Protection With New Nighthawk Cybersecurity WiFi Router

NETGEAR , Inc. (NASDAQ:NTGR), the leading provider of networking devices that connect smart homes and small businesses to the world, today announced the availability of a new router designed to keep your network secure from online threats, the Nighthawk Cybersecurity AC2300 WiFi Router (RS400). With three years of NETGEAR Armor powered by Bitdefender included, the RS400 is well-matched to provide the best-in-class anti-virus, anti-malware, and data protection for an unlimited number of devices on your network including PCs, laptops, mobile devices, IoT and Smart Home.

Unlike software applications that are installed on laptops or smartphones, the Nighthawk Cybersecurity WiFi Router is designed to provide protection for all the connected devices on your network including vulnerable IoT smart home products. Given that the router directs all incoming and outgoing internet traffic on the network, the router becomes the first line of defense for the connected home. In addition to scanning incoming traffic for security risks, the RS400 also monitors for and can intercept rogue traffic generated from a device, in the event that a device has been hijacked.

NETGEAR Announces Its Armor Cyber Threat Protector in Partnership With Bitdefender

NETGEAR Armor on your Orbi Mesh WiFi Systems is a cybersecurity solution that protects all internet-connected devices in your home from viruses, malware, stolen passwords, identity theft and hacking, whether you're at home or on the go. Many people already have some type of anti-virus software loaded onto their home computers. However, this is often not effective enough for the cyber threats in today's environment. In fact, according to research, 146 billion records of personal information, such as credit card information or national identification / social security numbers, are expected to be stolen by cybercriminals between 2018 to 2023.

Crypto Exchange Head Takes $137 million Cold Wallet Key to his Grave

In a classic case of why businesses should have disaster mitigation plans in place, Vancouver-based crypto-currency exchange QuadrigaCX has potentially lost USD $137 million in assets (customers' money), after its founder's death. Founder and director Gerry Cotten had stored the money in an offline cold wallet on an encrypted laptop and committed its password to memory. In December, Cotten died overseas of Crohn's disease, leaving the company with no other handwritten record of the laptop's password.

Crypto exchanges tend to store assets in cold wallets either on offline computers or plain paper, to avoid the wallets getting stolen on hacked online computers. The company has hired cybersecurity firms to try and decrypt the laptop to no success thus far. Cotten's widow Jennifer Robertson in a sworn affidavit to a court said that she had not found any traces of the password in their residence despite repeated and thorough searches. QuadrigaCX in addition to the $137 million under management, also holds $53 million in disputed assets.

Fortnite is Being used as a Money Laundering Venue

The Independent has conducted an investigative report into the underwold's usage of Fortnite as a venue for money laundering. This likely won't come as a surprise - Fortnite has pretty lax acquisition restrictions for its in-game content and V-bucks, and the world's most popular multiplayer game moves millions of players through its servers daily. with such a deep pool of likely buyers for anything Fortnite at under Fortnite-store pricing, the stage is set for an almost untraceable money laundering scheme.

Touring NETGEAR at CES 2019: Wi-Fi 6 Takes Center Stage!

The gift that is CES keeps on giving! We go over the NETGEAR suite, and it was more of an entire floor, in this article with the company showing off their involvement in every networking sector imaginable- the professional environment, consumer and retail networking solutions, and smart home devices. Indeed, stepping off the elevator itself led to a hallway lined with Meural canvasses, which are very well built frames that have an integrated display to show off images of your choosing. This public hallway had generation 2.0 canvasses, with the new-for-CES generation 3.0 series inside the show room that encompasses four different frame options in two different sizes- the currently available 27" version, and the newer 21.5" size for those wanting something smaller.

Meural canvasses can be used in landscape or portrait configurations, and supports a library of over 30,000 curated art images at an optional membership cost of $49.95/year. The new generation is available from August 2019, with the new screens having a wider color gamut and a truer-to-life display, that was impressive. These are definitely for a niche audience, however, but I can appreciate NETGEAR wanting to provide more use cases for their networking solutions. The current Gen 2.0 27" canvas starts at $595 (dimensions with the frame are larger than 27"), and an optional pivoting stand with more display I/O options is an additional $49.95 for when you want to have your own images connected to it. For the rest of the tour, be sure to read past the break!

ASUS Z390 Motherboards Automatically Push Software into Your Windows Installation

During testing for our Intel Core i9-9900K review we found out that new ASUS Z390 motherboards automatically install software and drivers to your Windows 10 System, without the need for network access, and without any user knowledge or confirmation. This process happens in complete network-isolation (i.e. the machine has no Internet or LAN access). Our Windows 10 image is based on Windows 10 April 2018 Update and lacks in-built drivers for the integrated network controllers.

Upon first boot, with the machine having no LAN or Internet connectivity, we were greeted by an ASUS-specific window in the bottom right corner of our screen, asking whether we'd like to install the network drivers and download "Armoury Crate". This got us curious and we scanned the system for any files that aren't part of the standard MS Windows installation. We discovered three ASUS-signed files in our Windows 10 System32 folder, which, so it seems, magically appeared on our harddrive out of thin air. Upon further investigation we also found a new, already running, system service called "AsusUpdateCheck."

Chinese Government Allegedly Used Supermicro Motherboards to Spy on US Enterprises

In a development that underlines the national security necessity of moving electronics manufacturing out of China, server motherboards made by Supermicro in China, have been found to carry a "spy chip." This startling development is the result of a secret 2015 US Government investigation unearthed by Bloomberg. The Chinese government has allegedly been using hardware-based spyware in Supermicro motherboards that are manufactured in China; to spy on major American enterprises, including (but not limited to) Amazon Web Services and Apple, among others, who use Supermicro motherboards in their data-centers. The level of surveillance includes attempts to steal trade-secrets and intellectual property.

Fearing loss in business, affected cloud-computing providers, including AWS and Apple, have each posted strong denials that their hardware infrastructure is vulnerable to foreign government surveillance. Apple stated: "We are deeply disappointed that in their dealings with us, Bloomberg's reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple."
Return to Keyword Browsing
Copyright © 2004-2021 www.techpowerup.com. All rights reserved.
All trademarks used are properties of their respective owners.