Double blow to dark web marketplaces
https://www.europol.europa.eu/newsroom/news/double-blow-to-dark-web-marketplaces
https://www.justice.gov/opa/pr/three-germans-who-allegedly-operated-dark-web-marketplace-over-1-million-users-face-us

Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak
https://www.symantec.com/blogs/threat-intelligence/buckeye-windows-zero-day-exploit

Dharma Ransomware Uses AV Tool to Distract from Malicious Activities
https://blog.trendmicro.com/trendlabs-security-intelligence/dharma-ransomware-uses-av-tool-to-distract-from-malicious-activities/

North Korean Tunneling Tool: ELECTRICFISH
https://www.us-cert.gov/ncas/analysis-reports/AR19-129A

Hackers breached 3 US antivirus companies, researchers reveal
https://arstechnica.com/information-technology/2019/05/hackers-breached-3-us-antivirus-companies-researchers-reveal/

I hate vague reports. (Gossip.)

More details here: https://www.advanced-intel.com/blog/top-tier-russian-hacking-collective-claims-breaches-of-three-major-anti-virus-companies

Same information just posted on a different platform. Still no particulars. 3 Major American AV companies doesn’t really give any specifics.

Only a handful of major AV companies in the US, so take your best guess. :wink:
Anyway, as we’re running Avast (non US), there’s nothing to worry about.

Technical Analysis: Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud
https://www.intezer.com/blog-technical-analysis-cryptocurrency-mining-war-on-the-cloud/

Blocking Hyperlink Auditing Tracking Pings with Extensions
https://www.bleepingcomputer.com/news/security/blocking-hyperlink-auditing-tracking-pings-with-extensions/

Israeli Firm Tied to Tool That Uses WhatsApp Flaw to Spy on Activists
https://www.nytimes.com/2019/05/13/technology/nso-group-whatsapp-spying.html

Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond
https://www.bleepingcomputer.com/news/security/fxmsp-chat-logs-reveal-the-hacked-antivirus-vendors-avs-respond/

Thanks for the link. The original post stated that it affected 3 US security companies.
Now the statement is 3 companies with offices in the US. Big difference since many Security companies have offices in the US.

ZombieLoad: Cross Privilege-Boundary Data Leakage
https://www.cyberus-technology.de/posts/2019-05-14-zombieload.html
https://zombieloadattack.com/
https://cpu.fail/

RIDL and Fallout: MDS attacks
Attacks on the newly-disclosed “MDS” hardware vulnerabilities in Intel CPUs

https://mdsattacks.com/

https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html

https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

https://zombieloadattack.com/#attack

So according to the tool offered here, https://mdsattacks.com/ my system is vulnerable.

https://screencast-o-matic.com/screenshots/u/Lh/1557921874568-73818.png

So the next logical question is how dangerous is this for the average user and,
probably more important, when will there be an actual fix outside of purchasing AMD ???

According to Intel, medium to low, see: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html

Since it’s their chip, income and reputation, I’ll be just a bit sceptical of anything they have to say till verified by a third independent source.

Hi Bob, agreed. Here’s an overview of the currently available updates/fixes. Hope it helps. (German site)
https://www.heise.de/ct/artikel/Updates-gegen-die-Intel-Prozessorluecken-ZombieLoad-Co-4422413.html