As this week comes to a close we are officially in a new era of compliance and security with the implementation of GDPR taking effect today. While this has been on the top of most companies minds, a developer found a new vulnerability related to Spectre, so expect new patches soon. Have a safe and enjoyable Memorial Day Weekend.
Spectre chip security vulnerability strikes again; patches incoming
“A Google developer discovered a new way that a 'Spectre'-style check can be used to attack any computer running any operating system.”
Compliance is Not Synonymous With Security
“While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it should also serve as a crucial reminder that compliance does not equal security. Along with the clear benefits to be gained from upholding the standards enforced by GDPR, PCI DSS, HIPAA, and other regulatory bodies often comes a shift toward a more compliance-centric security approach.”
New Spectre Variants Add to Vulnerability Worries
“The Spectre and Meltdown vulnerabilities hit the most basic level of computer hardware, striking the logical interface between instruction execution and cache. Intel and operating system publishers since have released patches to remediate these two issues but the problem with the CPU architecture remains, with the addition of new vulnerabilities disclosed this week.”
Critical Flaw Impacts Dell EMC RecoverPoint
“Several security flaws were recently found in Dell EMC RecoverPoint, including a Critical remote code execution vulnerability, security firm Foregenix reveals. Researchers from Foregenix found a total of six security issues impacting all versions of Dell EMC RecoverPoint prior to 5.1.2, as well as RecoverPoint for Virtual Machines prior to 5.1.1.3.”
Most Expensive Data Breaches Start with Third Parties: Report
“Data breach costs increased 24% for enterprise victims and 36% for SMBs from 2017 to 2018, researchers found.”