Safety and Security

Security Flaw Puts Most Connected Devices At Risk

Intel, Advanced Micro Devices (AMD) and ARM Holdings were facing flack Wednesday (Jan. 3) after the release of a new security research report warning of security flaws that make computing systems vulnerable to hackers.

According to a report in Reuters, security researchers warned that any computer device that has chips from Intel, AMD and ARM are at risk. One of the security flaws is limited to Intel, but another flaw can put smartphones, laptops, desktop computers, tablets and internet servers at risk.

Researchers at Alphabet’s Google Project Zero first spotted the flaws, along with academia and industry researchers residing in different countries.

One security flaw, dubbed Meltdown, impacts Intel semiconductors, enabling hackers to get past barriers between user-run apps and the computer’s memory, enabling bad guys to steal passwords. The other security flaw, Spectre, impacts chips from all three companies, meaning that hackers can trick error-free apps into providing confidential data.

In an interview with Reuters, Daniel Gruss, one of the researchers at Graz University of Technology who discovered Meltdown, said the security flaw is “probably one of the worst CPU bugs ever found.” While he noted that it is a big problem, he said that software patches could stop it in its tracks. On the other hand, the Spectre bug is more difficult for hackers to breach, but because it can’t be patched, it could be a longer-term problem.

During an interview with CNBC covered by Reuters, Intel’s chief executive, Brian Krzanich, said the company was alerted to the flaws by Google researchers “a while ago.” He noted that the semiconductor company has been testing fixes that device makers will release next week. “Phones, PCs, everything are going to have some impact, but it’ll vary from product to product,” said the executive.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.