Eight more Spectre-style flaws found in Intel processors - four rated as high severity.

May 03, 2018

Chip giant Intel faces further security patch headaches after researchers discovered and reported eight new Spectre-style hardware vulnerabilities in the company's processors.

First reported by German IT site C'T, which said it has been given full technical details on the vulnerabilties by researchers and verified them, the flaws have been confirmed by Intel which has reserved Common Vulnerabilities and Exposures (CVE) numbers for them.

 

The new set of hardware flaws have been named Spectre New Generation, and Intel rates four of the eight vulnerabilities found as high severity, and the rest as medium.

 

Patches are in the works from Intel.

 

C'T reported that one of the new vulnerabilities is a much more serious threat than the original Spectre bug, as it could be used to bypass virtual machine isolation from cloud host systems to steal sensitive data such as passwords and digital keys.

 

The Spectre-NG exploit works regardless of Intel's software guard extensions (SGX) being enabled.

At this stage, it is unclear if AMD processors and chips following the ARM architecture are also vulnerable to the Spectre-NG attacks.

 

Google's Project Zero team of security researchers are credited with finding one of the Spectre-NG vulnerabilties.

 

They are likely to publish technical details next week when a strict 90-day non-disclosure period to give vendors time to address flaws runs out.

 

Taking care of the Spectre and Meltdown flaws in processors has been difficult for Intel and its technology partners such as Microsoft, with users reporting system instability and slower performance after microcode patches have been applied.

 

The vulnerabilities are due to hardware design flaws, and allow attackers to read data in memory. Thousands of older and newer processors are affected by the vulnerabilities.

 

Intel has promised to re-architect its processors to prevent a repeat of the Spectre and Meltdown flaws.

NSW Police buys 1000 biometric scanners for the beat that will tether with smartphones.

May 27, 2018

NSW Police will deploy as many as 1000 smartphone-compatible fingerprint scanners to keep its officers on the front line for longer.

The force has handed NEC a $4.7 million contract to purchase and deploy the portable devices, more than two-and-a-half years after it approached technology vendors....

Sydney Airport to run face recognition throughout terminals for passenger pre-boarding and arrivals.

May 30, 2018

Sydney Airport is preparing to roll out a new passenger management system that will use facial recognition technology to handle all aspects of the pre-boarding process.

The airport is currently “in the throes” of the project and is expected to conduct an initial pilot of the end-to-end system in the second half of this year...

NSW govt invests $12m in facial matching services

May 29, 2018

The NSW government will invest $12 million in facial matching services in next month’s state budget.

The funding will fall to the NSW Police Force for participation in the national facial biometrics matching scheme, which federal, state and territory governments agreed to establish last October. 

Meltdown and Spectre spook people into the hacker's hands

January 01, 2020

In the panic to patch devices in the wake of the Spectre and Meltdown revelations some people are turning to fake patch sites to deliver patches immediately and installing malware with it....

‘Meltdown’ and ‘Spectre’ CPU exploits reportedly not specific to Intel systems

January 04, 2018

This is a reminder to you all to patch your devices often.

A so-called bug initially ascribed solely to Intel CPUs is actually a pair of exploits that, taken together, impact many of the CPUs being used in PCs, mobile devices, and data centers. The bugs now have names, specifically, Meltdown, which affects Intel processors, and Spectre, which is more widespread and affects CPUs from Intel, AMD, and ARM.

Nixon Technology customers on the monthly support contract have their updates delivered automatically to all contracted devices.

To read more, click on the link below

Millions of Recruitment Records Exposed in Data Breach

November 16, 2016

Incredibly, only days following the unintentional data breach by the Australian Red Cross Blood Service, another disturbing accidental breach has been discovered when more than 30 GB worth of personal and sensitive data belonging to global UK-based recruitment firm Michael Page was placed on a non-secure, public facing server.

 

Michael Page has a large presence in Australia. The company claimed that the attack was perpetrated on 31 October and uncovered the next day.

 

The breached database - located in Australia - reportedly contained nearly 8 million user records, exposing over 713,000 individual job seekers; many are thought to be from Australia.

 

Compromised records include cover letters, resumes’, current applications from LinkedIn, along with personal information associated with these types of confidential documents, such as email addresses, phone numbers and residential addresses. Usernames and passwords were not compromised as they were reportedly encrypted.

 

Global consulting, technology, and outsourcing services firm, Capgemini, has been named as the source behind the accidental release. The breach occurred when data backups were inadvertently placed on a development server - possibly when the company was security testing Michael Page’s ICT systems - and accessed by anonymous individuals thought to be behind the discovery of the non-secure Red Cross data.

 

Operator of the haveibeenpwned.com website Troy Hunt, was contacted on October 30 and sent him a sample of the newly compromised data. In an interview with IT News, Hunt said that just like the Red Cross breach, no particular skill was required to discover the database backup files.

 

"It's really simple, someone just left the data on the server, and it was easily found. It's not just one mistake, but several, including backing up production data to a development server, connecting that to the internet and enabling directory browsing.

 

Was it one person who did this, or did it take a concerted effort by several people to make the basic errors that lead to the leak?"

 

Page Group has sent messages to affected clients saying that “We are sorry to tell you that the details you provided as part of your recent website activity have been identified as amongst those accessed. We know people care deeply about their data being protected so wanted you to hear this from us.

 

We requested that the third-party destroys all copies of the data and they have confirmed that they have already done so."

 

The perpetrators are thought to have complied and destroyed all compromised information and records.

 

The entire incident bears an almost identical resemblance to the Red Cross breach - both in terms of simple access and careless practices - and once again shows that such incidents are not confined to hackers forcing their way in to targeted systems. Many information security breaches in Australia are attributed to unintentional, inadvertent actions.  

 

Australian organisations, businesses and those companies entrusted with client data need to be doing a lot better than this.

 

The amount of insecure data that was discovered is staggering  to say the least. Thankfully it didn’t fall in to the hands of malicious actors; the downstream effects could have been devastating!

Talk to us about your IT security concerns today.

Original article provided by Integersec.com.au and republished with permission.

Australians targeted with Cryptolocker

August 17, 2016

The following article is from 2015, but we are seeing an increasing number of attacks from ransomware in Australia still to this day.

It's becoming crucial to have the right backup that can help you recover from an attack. The basic steps to recover from an attack are:

1. Remove the active ransomware from both memory and the system

2. Restore your system to just prior to the attack.

Sounds simple, but if you are only backing up your files once a day, you could have just lost a full day's trade or information. More importantly there is often confusion about exactly when the attack took place. Some ransomware is being coded with smarts to sit quietly in the background and encrypt a number of times before making itself known. This means that you're not sure when the attack took place and may ultimately end up paying to release your files.

Tape drive backups are no longer considered reliable for backups and in this situation you could be sifting through numerous tapes to recover data.

Using USB drives can also be a cheap way of backing up data but this can be ultimately ineffective if the drive was infected prior to the detection of the ransomware or your backup isn't making a series of backups so that you can easily determine which files from which backup you need to recover.

Nixon Technology has the answer to the business continuity solution. Our backup systems can not only provide safe and secure backups on your site, but also to a private data centre in Australia. This provides you with a (private) cloud copy of your data in a safe and secure location off site. Your servers/workstations can be virtualised within 6 seconds in the event of an attack or disaster, allowing your business to continue while the issue is resolved.

Speak to us about how we can provide business continuity for you today

Ph: 0410 695 262

email: support@nixontech.com.au

Is your Business Protected?

December 02, 2015

Is your business protected with a BCP/DRP?

 

A sound Business Continuity Plan (BPC), should be part of any business and this plan should be known and tested with the key stakeholders knowing their part in this crucial process. The larger and more complex the business the more complex the BCP tends to be, often with the Disaster Recovery Plan (DRP), being handled as a separate process. A working BCP/DRP is critical for any business as studies have shown that a business that suffers a disaster without a solid, working BCP/DRP is almost guaranteed to cease trading as a result.

The DRP focuses on the recovery of systems and data and usually lives with the IT department or organisation, while the BCP’s focus is on people and processes and belongs with the management team. Small to medium businesses will combine the BCP and DRP as the systems are usually not complex enough to separate them, allowing a more streamlined approach to process.

 

Do you have a BCP?

Firstly start by asking yourself if you have a plan. If the business location burnt down tonight, how would you continue to operate the business?

 

Where would you operate from?

 

How do you and your employees access your business information and system in order to continue to operate, pay bills and of course pay your employees?

 

A small business of a couple of staff members may have backups of their business data at home and will be able to operate out of their own homes during the recovery of the physical site. However the more complex the business system the more complex and time consuming the recovery process.

 

Do you know the plan will work?

Remember you are betting the business on the plan you have in place, so you need to know that your plan will work. This is not just the technical side of recovery of data and systems but who needs to be where, what they are doing and who they need to be working with.

 

Have you tested the recovery of systems and data and that you can access them? This sounds so simple but every time you patch, update or add new systems, you need to update your plan(s) to include these changes and you need to test that the plan still works.

 

Does your team know what to do and those that are in charge of various business processes, know who to contact during these events? As staff join and leave an organisation the impact on the BCP/DRP needs to be considered. It’s recommended that staff names are not referred to in the plan, instead refer to the relevant position or title. This is another checkpoint when reviewing the plan(s), to ensure that a position hasn’t been made redundant but is still referred to in the plan.

 

I recommend you annually test your BCP/DRP to ensure you are aware of changes and know that these plans will work in the event you need to do so.

 

My business is in the Cloud, so I’m covered, right?

Having your business systems working in the cloud does provide a level of comfort, however, don’t assume that you system is fully protected. I’ve sat in business discussions with Data Centre people discussing the new virtual structure for a business. I’ve heard the Data Centre ask if the customer wanted to include (optionally), Disaster Recovery as part of the solution. If you have assumed just because your servers are in the cloud, your servers are covered in the event of a disaster, best check your agreements. Check to see what is and is not included in your agreement, as sometimes it’s not as comprehensive as you might think. Ask your Data Centre providers if they can explain, in the event of a disaster, what happens to your systems, including timeframes. In doing this, I’ve discovered some will only recovery the base Virtual Operating systems and assume the business will recover their own environment. Some will not include coverage if their own site is compromised unless you pay extra for it.

What does your SLA state and is this enough for your business to survive?

 

It’s important for any business to know how they manage a disaster and can confidently say to customers, stakeholders, shareholders and most importantly to yourself that your business is safe and will continue to operate. Being offline for a day or so for some businesses is enough to cause irreparable damage, for others, hours matter in the eyes of their customers and competitors. 

 

If you are no longer sure your business is safe in the event of a disaster, I recommend you speak to your IT staff or service provider. If the answer you get isn’t completely reassuring, please contact Nixon Technology to see how we can help you

Move over Wifi

November 24, 2015

There is a new technology being developed to transmit information at up to 1Gb/s. While we in Australia are struggling to get basic internet at more that 15Mb/s and with the NBN years away for the average Australian, perhaps you should talk to us and see what can be done for your business.

Is your IT stressful for you?

November 07, 2015

In a recent article on workplace stress and irritation factors, it identified some of the factors that people would consider commonplace in their own environment. These included, not being valued or paid enough for their work, noisy co-workers in open place offices and poor work/life balance. However, I found it interesting that IT, or how technology was perceived in the workplace make the list.


The article went on to indicate that often Technology doesn't do what it's meant to do, or perceived to do. This raises the question; are we getting satisfaction from our IT provider, and it not, why not?
In discussions with a number of business owners and managers, I've found that many are not happy with their IT service provider. When asked why they haven't rectified the situation or changed providers, most are finding it difficult because they have known this person for a long time and can't fire a friend.


As an exercise, ask your work colleagues what’s the first thing they think of when you mention IT. If they roll their eyes, sigh or groan first; you’re off to a bad start. Perhaps you should talk to Nixon Technology and have your issues resolved.

 

Please reload