Google closes on Mandiant
Back in March, Google announced it intended to acquire the threat intelligence firm Mandiant in a $5.4 billion deal. This came after Maniant itself was spun out from FireEye in 2021. Google Cloud CEO Thomas Kurian said it will keep using the Mandiant brand post-acquisition. Kurian made the case that the added security talent and tech stack from Mandiant will help Google Cloud “reinvent security to meet the requirements of our rapidly changing world.”
Paying the iron price for Retbleed mitigation
Back in July, we covered the discovery of a new speculative execution attack known as Retbleed, able to leak items in kernel memory like root password hashes. The release of mitigation followed quickly, but like other speculative execution workarounds, they exact a heavy performance penalty. VMware reports that performance on ESXi virtual machines using Linux kernel 5.19 with mitigation turned on resulted in 70% worse CPU performance, 30% slower networking, and 13% slower storage. Turning off the kernel mitigations returned performance to version 5.18 performance. No word if the Linux kernel development team will revisit the mitigations to improve performance.
Meta hands over the keys to PyTorch
Meta announced it will move control of its PyTorch AI platform to the new PyTorch Foundation under the Linux Foundation. The company already open-sourced the project when it launched in 2016, letting data scientists use Python as a programming language for AI models. The new Foundation will work with maintainers and the developer community to evolve its ecosystem over time, serving as the primary drivers for new releases, features and technical direction. Meta said it will continue to invest in the project, reiterating that it will remain its primary framework for AI research and production.
Commerce Department readies new chip sanctions
Earlier this month it was reported that the US Commerce Department sent letters to Nvidia and AMD, asking them to stop shipments of enterprise-grade AI chips to China. Now Reuters’ sources say the US Commerce Department intends to publish new rules that would codify restrictions on shipments of these enterprise AI chips and sub-14 nanometer chipmaking tools to China without a license. The initial letters restricted individual companies from shipping these chips. The rules would apply to all US companies.
Thanks to today’s episode sponsor, Edgescan
Lorenz ransomware targets VoIP appliances
Security researchers at Arctic Wolf Labs spotted the ransomware organization targeting a critical vulnerability in Mitel MiVoice VoIP appliances. They obtained initial access over the phone systems before jumping over to corporate networks. Security researcher Kevin Beaumont estimates there are over 19,000 vulnerable Mitel devices currently online.
Albania again hit by Iran
The attacks came days after Albania severed diplomatic relations with Iran over previous attacks in July. Albanian Prime Minister Edi Rama said the same actors from the July attack targeted the country’s Total Information Management System. The attack specifically focused on data storage and transmission systems. Attacks posted screenshots of camera feeds from the system as proof of access. Iran denied involvement in the attacks.
HP pays the price for printer “Dynamic Security”
HP introduced its Dynamic Security on its printers years ago. It positioned it as a way to upgrade the overall user experience and maintaining integrity of printing systems. Mostly it just blocked use of third-party ink and toner cartridges. The system often rolled out to printers with a firmware update, with users not realizing the change. The EU consumer rights group Euroconsumers reached a settlement with HP on the system, which will see the company fund up to $1.35 million for losses. This follows a similar settlement in the US.
Finally, a TickTock that improves security!
Researchers at the National University of Singapore and Yonsei University in the Republic of Korea developed a way to verify if a laptop mic is recording conversations. Dubbed TickTock, the device consists of a near-field probe, a radio-frequency amplifier, software defined radio, and Raspberry Pi SoC. It looks for electromagnetic waves that emanate from consumer laptop microphones when recording. The device proved able to detect mic signals on 90% of tested laptops, with all failures coming from Apple MacBooks. The researchers said this failure likely came from the aluminum bodies and short flex cables used by Apple.