Intel AMT Security Issue Lets Attackers Bypass Login Credentials in Corporate Laptops

Insecure defaults in Intel AMT allow an intruder to completely bypass user and BIOS passwords and TPM and Bitlocker PINs to backdoor almost any corporate laptop in a matter of seconds.

Helsinki, Finland – January 12, 2018: F-Secure reports a security issue affecting most corporate laptops that allows an attacker with physical access to backdoor a device in less than 30 seconds. The issue allows the attacker to bypass the need to enter credentials, including BIOS and Bitlocker passwords and TPM pins, and to gain remote access for later exploitation. It exists within Intel’s Active Management Technology (AMT) and potentially affects millions of laptops globally.

http://brn.firetrench.com

Continue reading

Cybersecurity Threats Outpacing Abilities of Governments and Companies

Georg Schmitt, Head of Corporate Affairs, World Economic Forum

  • The World Economic Forum has released a new report, Cyber Resilience: Playbook for Public-Private Collaboration, to build collaboration across sectors to improve cybersecurity
  • The playbook precedes the launch of a new Global Centre for Cybersecurity at the Annual Meeting 2018 in Davos
  • The report covers access to sensitive data, rules for private companies to respond to cyber-threats, dissemination of threat intelligence and policies regulating encryption
  • Report provides 12 case studies — including Google’s Project Zero, the Department of Homeland Security’s Automated Indicator Sharing, and the United Kingdom’s Operation Waking Shark
  • The 48th World Economic Forum Annual Meeting will take place on 23-26 January in Davos-Klosters, Switzerland, under the theme, Creating a Shared Future in a Fractured World

Geneva, Switzerland, 12 January 2018 – Cybersecurity threats are outpacing the ability to overcome them unless all stakeholders begin to cooperate. The increasingly networked, digitized, and connected world is vulnerable to cyber-threats that can only be addressed by the combined capabilities of the public and private sectors, according to a new report by the World Economic Forum in collaboration with The Boston Consulting Group (BCG). Cyber Resilience: Playbook for Public-Private Collaboration is a tool to facilitate capacity-building, policies and processes necessary to support collaboration, safeguard cyberspace and strengthen cyber-resilience.

http://brn.firetrench.com

Continue reading

Popular messaging app, Telegram, mirrored to create fake apps that serve malware

Security firm, Symantec, has discovered a counterfeit version of the encrypted messaging app Telegram, with malware built on the open source code. The fake app, Teligram, which was freely available on the Google Play Store, features similar branding and app store listings to trick users to install malware on their device and hijack their data. More information can be found here.

http://brn.firetrench.com

Continue reading

The Ginetta G60-LT-P1 Breaks Cover At Autosport International?

The Ginetta G60-LT-P1 has broken cover for the very first time today (11/01/2018) at Birmingham’s National Exhibition Centre. As one of the most highly anticipated launches of the Autosport International schedule, the car – which is named in tribute to the 60th anniversary of the Ginetta marque – made its public debut during the opening day of this year’s trade show.

http://brn.firetrench.com

Continue reading

Synopsys Forms Technical Advisory Board for Software Integrity Group

Five-member board of experienced security executives to guide technical innovations of Synopsys security products and services

LONDON, UK, Jan. 11, 2018—Synopsys, Inc. (Nasdaq: SNPS) today announced the formation of a Technical Advisory Board (TAB) to guide the technical direction of the Synopsys Software Integrity Group’s security products and services, foster innovation and help ensure long-term business success. The five-member board of experienced software and security executives will counsel Synopsys on broader trends in the software industry, provide input on its solutions strategy, and help align its priorities with the requirements of its customers and market.

http://brn.firetrench.com

 

“Delivering exceptional value to our customers through innovative, cutting-edge solutions is core to our business,” says Andreas Kuehlmann, general manager of the Software Integrity Group. “Though our staff already includes many of the world’s premier software security experts, we understand it is important to build and maintain an objective outside perspective to review and augment our technical strategies. The TAB members, made up of accomplished technologists, will help us do this.”

The TAB will be chaired by Dr. Gary McGraw, vice president of security technology at Synopsys. The initial board members include Dr. Brian Chess (Oracle), Dr. Neil Daswani (Symantec), Dr. Charlie Miller (Cruise Automation), and Dr. Laurie Williams (North Carolina State University).

  • Brian Chess, Ph.D., is global vice president of infrastructure, security, and compliance at Oracle NetSuite. Previously he was founder and chief scientist at Fortify Software. Brian holds a Ph.D. in computer engineering from the University of California, where he studied computer security and methods for identifying vulnerabilities in source code. He has been granted more than a dozen patents related to integrated circuit design, web-based applications, and computer security.
  • Neil Daswani, Ph.D., is the chief information security officer for Symantec’s Consumer Business Unit. He has served in a variety of research, development, teaching, and managerial roles at LifeLock (acquired by Symantec), Twitter, Dasient, Google, Stanford University, NTT Docomo USA Labs, Yodlee, and Telcordia Technologies (formerly Bellcore).
  • Charlie Miller, Ph.D., is the principal autonomous vehicle security architect at Cruise Automation. After receiving his Ph.D. in mathematics from the University of Notre Dame, he spent 5 years as a computer hacker for the National Security Agency. Since then he has worked for various companies in the private sector, including Twitter, Uber, and Didi Chuxing. Charlie is renowned for a highly publicized demonstration in 2015 in which he and colleague Chris Valasek remotely hacked a Jeep Cherokee, leading to a recall of 1.4 million vehicles.
  • Laurie Williams, Ph.D., is the interim department head of computer science and a professor in the Computer Science Department of the College of Engineering at North Carolina State University (NCSU). Since 2011, Laurie has been a co-director of the NCSU Science of Security Lablet, sponsored by the National Security Agency. Laurie is an IEEE Fellow and has more than 240 refereed publications.
  • Gary McGraw, Ph.D., is the vice president of security technology of Synopsys. Prior to Synopsys, Gary served as the CTO of Cigital, which was acquired by Synopsys in 2016. He is a globally recognised authority on software security and the author of eight best-selling books on this topic. Besides serving as a strategic counselor for top business and IT executives, Gary is on the advisory boards for several software and security companies.

 

About the Synopsys Software Integrity Platform

Synopsys offers the most comprehensive solution for building integrity—security and quality—into the software development life cycle and supply chain. The Software Integrity Platform unites leading testing technologies, automated analysis, and experts to create a robust portfolio of products and services. This portfolio enables companies to develop personalised programs for detecting and remediating defects and vulnerabilities early in the development process, minimising risk and maximising productivity. Synopsys, a recognised leader in application security testing (AST), is uniquely positioned to adapt and apply best practices to new technologies and trends such as IoT, DevOps, CI/CD, and the Cloud. For more information, go to www.synopsys.com/software.

About Synopsys

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world’s 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you’re a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.

Continue reading

PREMIUM WATCH BRAND ANNOUNCES PARTNERSHIP WITH TWO NEW MOTORSPORT STARS

Christopher Ward welcomes motorsport racer Jody Fannin and Rallycross driver Paige Bellerby to their unique Challenger Programme, following the Need for Speed competition.

 Premium watch brand Christopher Ward is delighted to announce that British racing driver Jody Fannin and Rallycross driver Paige Bellerby are winners of the brand’s Need for Speed competition, which launched in September 2017.  The competition, which was open to UK-based grass-roots level¹ motorbike or car racing drivers, invited entrants to apply for a place in the Christopher Ward Challenger Programme. After initially setting out to recruit one motorsport star into the Challenger Programme, Christopher Ward Co-Founder Mike France was so impressed by both Jody and Paige, and their passion for their sport, that it was decided to offer both a place in the Programme.

http://brn.firetrench.com

Continue reading

Carphone Warehouse fined £400,000 for putting millions of customers’ data at risk

Following the news that Carphone Warehouse has been slapped with a £400,000 fine after one of the company’s computer systems was compromised as a result of a cyber-attack in 2015, putting millions of people’s data at risk, Andy Norton, Director of threat intelligence at malware protection firm Lastline and Tim Erlin, VP at Tripwire, explain how much more this fine would cost once GDPR is in effect:

http://brn.firetrench.com

Continue reading

Canada’s First Funicular Opens in Edmonton

Canada’s First Funicular Opens in Edmonton

 

 

Kebony wood consciously connects public green space

 

[Canada: 10 January 2018] Canada’s first funicular, officially named ‘the 100 Street Funicular and Frederick G. Todd Lookout’, has now opened as an attraction to members of the public in downtown Edmonton. Designed in its entirety by Dialog Design, this $24 million project has been publically funded to improve access to Edmonton’s river valley – the city’s largest and publicly accessible green space. Kebony, a beautiful wood recommended by leading architects, was consciously selected for the funicular stairs, cladding and boardwalk owing to its hardwearing and environmentally friendly nature.

http://brn.firetrench.com

Continue reading