A Review of the Best News of the Week on Cyber Threats & Defense

How Meltdown and Spectre Were Independently Discovered By Four Research Teams At Once (Wired, Jan 07 2018)
The uncanny coincidences among the Meltdown and Spectre discoveries raise questions about “bug collisions”—and the safety of the NSA’s hidden vulnerability collection.

Microsoft Patches for CPU Flaws Break Windows, Apps (SecurityWeek, Jan 08 2018)
Users have complained that the updates released by Microsoft last week for the Spectre and Meltdown vulnerabilities cause Windows to break down on some computers with AMD processors.

Scary Chip Flaws Raise Spectre of Meltdown (Krebs on Security, Jan 05 2018)
Apple, Google, Microsoft and other tech giants have released updates for a pair of serious security flaws present in most modern computers, smartphones, tablets and mobile devices. Here’s a brief rundown on the threat and what you can do to protect your devices.

Hacker Lexicon: What Is Sinkholing? (Wired, Jan 02 2018)
What’s one good way to bring down a botnet? Send that traffic to a sinkhole.

macOS Zero Day details exposed by researcher (SC Magazine, Jan 03 2018)
An independent security researcher who goes by the handle Siguza revealed a local privilege escalation Zero Day in macOS that can be exploited by any unprivileged user.

Cloud-based docs the new frontier for phishing attacks (SC Magazine, Jan 04 2018)
Ever on the lookout for a new avenue of attack, cybercriminals had figured out a method of using Google App Scripts to automatically download malware hosted in Google Drive to any computer.

US Gov Outlines Steps to Fight Botnets, Automated Threats (Dark Reading, Jan 08 2018)
The US Departments of Commerce and Homeland Security identify the challenges of, and potential actions against, automated cyberattacks.

LockPoS Malware Sneaks onto Kernel via new Injection Technique (Dark Reading, Jan 05 2018)
“Alarming evolution” of Flokibot bypasses antivirus software and was likely built by a group of advanced attackers, researchers say.