Foundation series

Google buys Mandiant, Redbleed mitigations hurt, PyTorch Foundation

Google closes Mandiant

Last March, Google announced plans to acquire threat intelligence firm Mandiant in a $5.4 billion deal. This came after Maniant itself spun off from FireEye in 2021. Google Cloud CEO Thomas Kurian said he would continue to use the Mandiant brand after the acquisition. Kurian argued that Mandiant’s additional security talents and technology stack will help Google Cloud “reinvent security to meet the demands of our rapidly changing world.”

(Tech Crunch)

Pay the Iron Price for Rebleed Mitigation

Back in July, we covered the discovery of a new speculative execution attack known as Retbleed, capable of leaking things in kernel memory like root password hashes. Release of the mitigation followed quickly, but like other speculative execution workarounds, they come with a heavy performance penalty. VMware reports that performance on ESXi VMs using Linux kernel 5.19 with mitigation enabled resulted in 70% CPU performance degradation, 30% slower networking, and 13% slower storage. Disabling kernel mitigations brought performance back to 5.18 performance. No word if the Linux kernel development team will roll back the mitigations to improve performance.

(computer beeping)

Meta hands over the keys to PyTorch

Meta has announced that it will transfer control of its PyTorch AI platform to the new PyTorch Foundation under the Linux Foundation. The company already opened up the project when it launched in 2016, allowing data scientists to use Python as a programming language for AI models. The new Foundation will work with maintainers and the developer community to evolve its ecosystem over time, serving as primary drivers for new releases, features, and technical direction. Meta said it will continue to invest in the project, reiterating that it will remain its primary framework for AI research and production.

(silicon angle)

Commerce Department prepares new flea sanctions

Earlier this month, it was reported that the US Department of Commerce had sent letters to Nvidia and AMD, asking them to stop shipments of professional-grade AI chips to China. Now, Reuters sources say the US Department of Commerce intends to issue new rules that would codify restrictions on shipments of these enterprise AI chips and chip-making tools under 14. nanometers to China without license. The initial letters prohibited individual companies from shipping these chips. The rules would apply to all American businesses.

(Reuters)

Thanks to today’s episode sponsor, Edgescan

Edgescan offers a single platform solution that covers the entire stack, from web applications to APIs to network and data layer. Continuous attack surface management paired with automated, mission-critical Pen-testing as a Service (PTaaS) provides fully scalable coverage.

Lorenz ransomware targets VoIP appliances

Arctic Wolf Labs security researchers spotted the ransomware organization targeting a critical vulnerability in Mitel MiVoice VoIP devices. They gained initial access through telephone systems before moving to corporate networks. Security researcher Kevin Beaumont estimates that there are over 19,000 vulnerable Mitel devices currently online.

(computer beeping)

Albania hit again by Iran

The attacks came days after Albania severed diplomatic ties with Iran following previous attacks in July. Albanian Prime Minister Edi Rama said the same actors in the July attack targeted the country’s total information management system. The attack specifically focused on data storage and transmission systems. The attacks released screenshots of system camera feeds as proof of access. Iran has denied any involvement in the attacks.

(CyberScoop)

HP pays the price for the “Dynamic Security” printer

HP introduced its dynamic security to its printers years ago. He positioned it as a way to improve the overall user experience and maintain the integrity of printing systems. Most of the time, it just blocked the use of third-party ink and toner cartridges. The system is often rolled out to printers with a firmware update, with users not realizing the change. European consumer rights group Euroconsumers has reached a settlement with HP over the scheme, which will see the company fund up to $1.35 million for the losses. This follows a similar settlement in the United States.

(computer beeping)

Finally a TickTock that improves security!

Researchers from the National University of Singapore and Yonsei University in the Republic of Korea have developed a way to test whether a laptop microphone is recording conversations. Dubbed TickTock, the device consists of a near-field probe, radio frequency amplifier, software-defined radio, and Raspberry Pi SoC. It searches for electromagnetic waves that emanate from laptop microphones general public during check-in. The device was found to be able to detect mic signals in 90% of laptops tested, with all failures coming from Apple MacBooks. The researchers said this failure likely stemmed from the aluminum bodies and short flex cables used by Apple.

(The register)