Category Archives: Blog

A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys

Enlarge Microprocessors from Intel, AMD, and other companies contain a newly discovered weakness that remote attackers can exploit to obtain cryptographic keys and other secret data traveling through the hardware, researchers said on Tuesday. Hardware manufacturers have long known that hackers can extract secret cryptographic data from a chip by measuring the power it consumes…

Coinbase lays off 18 percent of staff as CEO says, “We grew too quickly”

Enlarge / Coinbase CEO Brian Armstrong speaks during the Milken Institute Global Conference on May 2, 2022 in Beverly Hills, California. (credit: Getty Images | Patrick T. Fallon ) Cryptocurrency exchange Coinbase is laying off 18 percent of its staff, the company announced today. The layoffs will cut 1,100 workers at the largest crypto exchange…

Credentials for thousands of open source projects free for the taking—again!

Enlarge (credit: Getty Images) A service that helps open source developers write and test software is leaking thousands of authentication tokens and other security-sensitive secrets. Many of these leaks allow hackers to access the private accounts of developers on Github, Docker, AWS, and other code repositories, security experts said in a new report. The availability…

Tsunami of junk traffic that broke DDoS records delivered by tiniest of botnets

Enlarge (credit: Aurich Lawson | Getty Images) A massive flood of malicious traffic that recently set a new distributed denial-of-service record came from an unlikely source. A botnet of just 5,000 devices was responsible, as extortionists and vandals continue to develop ever more powerful attacks to knock sites offline, security researchers said. The DDoS delivered…

Botched and silent patches from Microsoft put customers at risk, critics say

Enlarge (credit: Drew Angerer | Getty Images) Blame is mounting on Microsoft for what critics say is a lack of transparency and adequate speed when responding to reports of vulnerabilities threatening its customers, security professionals said. Microsoft’s latest failing came to light on Tuesday in a post that showed Microsoft taking five months and three…

Patent Litigation Financing: Fighting Efficient Infringement with Funding

Today, many companies make the business decision to infringe patented technology instead of paying a royalty to license it—so called efficient infringement. The calculation is that it will ultimately be less expensive to ignore the patent rights of innovations than to take a license in an arm’s length negotiation. Over the last 15 years, that…

Coca-Cola Win Reversed at CAFC in Case Over Indian Soda Trademarks

The U.S. Court of Appeals for the Federal Circuit (CAFC) today reversed a decision of the U.S. Patent and Trademark Office’s (USPTO’s) Trademark Trial and Appeal Board (TTAB) that had canceled two marks for Thums Up cola and Limca lemon-lime soda owned by Meenaxi Enterprise, Inc. The CAFC held that Coca-Cola had not established a…

Police linked to hacking campaign to frame Indian activists

Enlarge / Bike rally by police personnel during “We Make Pune City Safe” awareness campaign on October 3, 2017, in Pune, India. (credit: Pratham Gokhale/Getty) Police forces around the world have increasingly used hacking tools to identify and track protesters, expose political dissidents’ secrets, and turn activists’ computers and phones into inescapable eavesdropping bugs. Now,…

Mega says it can’t decrypt your files. New POC exploit shows otherwise

Enlarge (credit: Aurich Lawson | Getty Images) In the decade since larger-than-life character Kim Dotcom founded Mega, the cloud storage service has amassed 250 million registered users and stores a whopping 120 billion files that take up more than 1,000 petabytes of storage. A key selling point that has helped fuel the growth is an…