Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Two days ago, Graz University of Technology published a paper https://spectreattack.com/ describing a pair of attacks on common microprocessors. The underlying vulnerability affects Intel, AMD, and ARM processors. All contemporary microprocessors pre-execute instructions. In other words, the vulnerability bypasses address space isolation. Address space isolation has been a foundation for processor integrity since the 1980s.
As manufacturers develop Internet of Things (IoT) devices that integrate with widely popular internet-based applications, more and more users see the value in purchasing such devices. Ease of integration becomes an incentive for users to consider adding these products to their network of devices. But while the ease of use can be enticing, these products can also be susceptible to security issues that could introduce far-reaching problems.
Researchers at Trend Micro have found that certain models of Sonos and Bose speakers have vulnerabilities that leave them open to hijacking, as reported by Wired. The accessible speakers are being exploited by hackers that are using them to play spooky sounds, Alexa commands, and… Rick Astley tracks.
Trend Micro vice president Mark Nunnikhoven joins BNN for a look at the firm’s latest report on security trends for 2018.
Avirus that turns victims’ computers into a cryptocurrency miner without their knowledge is spreading across Facebook Messenger, security experts have warned.
The malware, named “Digmine”, affects desktop versions of the app when running on a Google Chrome browser, according to researchers at Trend Micro.
The past 12 months have been packed with geopolitical incidents, global malware threats and ubiquitous big-name data breaches. Now that the year has ended, it might be useful to recap some of the biggest themes of 2017 — with an eye on fortifying systems for the 12 months to come.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.