Happy New Year to everyone! May 2018 provide you with interesting problems and the patience to solve them :) On to the recent kerfuffle about the Intel processor bugs. These vulnerabilities were identified in early January by Google (original Google security post) CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 These vulnerabilities have been named "Spectre" and "Meltdown" and are causing a certain amount of anxiety in some environments. IBM has produced an excellent write up of the vulnerabilities and includes information about the impacts and includes the CVE ratings: https://exchange.xforce.ibmcloud.com/collection/c422fb7c4f08a679812cf1190db15441 Of course new vulnerabilities are bad, and often require work and remediation, but this should be part of your environment's standard vulnerability assessment and remediation program. It's not sufficient to just apply patches from a single vendor (e.g. Microsoft) on a monthly basis and consider
Ideas, tips, tricks, and theory on Information Security, risk management, forensics, and e-discovery.