Austrian researchers say they've created the very first malware that can be stored in Intel SGX enclaves. Intel introduced a new hardware extension called SGX (Software Guard Extensions) that isolates the CPU memory at the hardware level. Researchers demonstrated how this "super malware"" can attack its host and leak data from enclaves located on the…

New code injection technique called "Process Doppelg..nging"" bypasses most modern AVs. Researchers say malicious code that utilizes this technique is never saved to disk (fileless attack) Source: ESET

Google Chrome users complain of "Aw Snap!"" crashes as the Code Integrity feature gets re-enabled in the latest version of the browser. The error is caused by incompatible software on the system. Google listed PC Matic Source: notifying users that the Code integrity verification would be back in."

Dennis Fisher talks with Cormac Herley of Microsoft Research about the realities of the underground economy. He explains why sales of stolen credit cards resemble a market for lemons and how we can get better data on cybercrime activities. Dennis Fisher: "Cybercrime is not a black market Source: security

Documents filed as part of a lawsuit against Russia's government, as well as the Trump campaign, for an alleged hack which led to a trove of internal DNC emails being stolen and disclosed during 2016 election. DNC: "On November 14 Source: although there is no evidence that the attack was successful"" Multiple links are connecting the…

Joe Vito Venzor, 41, used a hidden account he created with the name of "elplaser"" shut down the company's email and application servers on September 1 Source: a boot-making company headquartered in El Paso

China-based electronics company Xiaomi said it has fixed a "cache update"" issue for its Xiaomi Mijia smart camera. The issue came to light after a Reddit user claimed being able to see strangers on his Xiaomi camera on his Google Nest Hub instead showed videos of strangers. Xiaomi told Threatpost that at least 1 Source: security

Watch our FREE webinar as we explore cybersecurity priorities for hospitals and healthcare-related service providers. Ransomware, patching, device security and data breaches each make up the tsunami of attacks that have targeted the healthcare sector in recent months. This webinar is for security IT staff, healthcare CISOs, decision-makers or analysts interested in exploring the latest…

Cyber National Mission Force (CNMF) uploads malware samples to VirusTotal, a website used by antivirus/malware detection engines. Two samples have already been added to the malware zoo, indicating a new openness from the federal government when it comes to cyber. Cybersecurity expert: "This is a huge leap forward for the cybersecurity community"" Cybersecurity analyst: ""For…

Dan Geer and Richard Thieme spoke Wednesday at Source Boston 2013. They said security is becoming institutionalized and practitioners will no longer come to security from a variety of backgrounds. Geer: "This is truly a renaissance field. While you can Source: April 18, 2013