Collaborate Disseminate
Watch this episode on our YouTube channel! This is your Shared Security Weekly Blaze for December 17th 2018 with your host, Tom Eston. In this week’s episode: Equifax data breach details released, more Google+ API bugs and Supermicro strikes… Continue reading Equifax Data Breach Details Released, More Google+ API Bugs, Supermicro Strikes Back – WB47
Computer manufacturer Supermicro is still trying to lay to rest reports that the Chinese government tempered with its equipment to spy on Western cloud users. Continue reading Supermicro: We told you the tampering claims were false
An independent audit has found no evidence that malicious chips were planted on Supermicro’s motherboards, debunking Bloomberg claims that servers at Amazon and Apple were being spied upon by China.
Continue reading Supermicro says independent investigation found no spy chips on its motherboards
Executives at Super Micro Computer (Supermicro) contended Tuesday that their company did not fall victim to a major supply chain compromise described in a Bloomberg Businessweek story in October. CEO Charles Liang and senior vice presidents David Weigand and Raju Penumatcha wrote in a letter to customers that a “thorough investigation” by a third-party firm concluded that malicious hardware had not been planted on Supermicro devices. “Recent reports in the media wrongly alleged that bad actors had inserted a malicious chip or other hardware on our products during our manufacturing process,” the letter reads. “After thorough examination and a range of functional tests, the investigations firm found absolutely no evidence of malicious hardware on our motherboards.” The Bloomberg story alleged Chinese operatives embedded rice grain-sized chips onto to motherboards that Supermicro supplied to major technology companies like Apple and Amazon Web Services. The report was immediately met with strong denials from Supermicro […]
The post Supermicro concludes ‘Big Hack’ investigation, says no tampering appeared first on CyberScoop.
Continue reading Supermicro concludes ‘Big Hack’ investigation, says no tampering
In a post-Supermicro-scoop world, it’s important for security teams to review the basics on detecting and guarding against hardware backdoors. Malicious software is relatively easy to find, but what if your actual device is the enemy? Last month… Continue reading Guarding Against Backdoors and Malicious Hardware
This is the 81st episode of the Shared Security Podcast sponsored by Silent Pocket and Edgewise Networks was hosted by Tom Eston and Scott Wright recorded on October 29, 2018. Listen to this episode and previous ones direct via your web … Continue reading Fortnite Scams, Google Search Privacy, Bloomberg SuperMicro Controversy – #81
Super Micro Computer says it is conducting an investigation into the claims made in a Bloomberg Businessweek story about its motherboards being compromised while also maintaining its claim that the story is false. In a letter sent to customers last week, executives said the company, also known as Supermicro, is undergoing a “complicated and time-consuming review” to address the claims made in the article. In a cover story published earlier this month, Bloomberg asserts that motherboards made by Supermicro contain malicious microchips that have been inserted during production by agents of the Chinese government. “We trust you appreciate the difficulty of proving that something did not happen, even though the reporters have produced no affected motherboard or any such malicious hardware chip,” the letter, which was part of a Securities and Exchange Commission filing, reads. “I want to assure you that Supermicro’s design, manufacturing and quality processes are designed to […]
The post Super Micro conducting investigation into Bloomberg claims appeared first on Cyberscoop.
Continue reading Super Micro conducting investigation into Bloomberg claims
Director of National Intelligence Dan Coats told CyberScoop on Thursday that he’s seen no evidence of Chinese actors tampering with motherboards made by Super Micro Computer, becoming the latest national security official to question a Bloomberg report that stated the company was the victim of a supply chain hack. “We’ve seen no evidence of that, but we’re not taking anything for granted,” Coats told CyberScoop. “We’ve haven’t seen anything, but we’re always watching.” The comments came before a speech Coats delivered at CyberTalks, where the director touched on supply chain threats as one facet the administration is focused on when it comes to cybersecurity threats. “Be aware of supply chain threats,” Coats said in his speech. “Understand that cyberthreats to your supply chain are an insidious problem that can jeopardize the integrity of your products.” The remarks come after a cover story in Bloomberg Businessweek stated that Chinese intelligence agents […]
The post Coats: ODNI has seen ‘no evidence’ of supply chain hack detailed in Bloomberg story appeared first on Cyberscoop.
Continue reading Coats: ODNI has seen ‘no evidence’ of supply chain hack detailed in Bloomberg story
FBI and Department of Homeland Security officials continued to push back Wednesday against a recent news story that described a devastating supply-chain attack on major U.S. technology companies, but their testimony in a Senate hearing also emphasized that such threats do remain “very real” in general. “This is a particularly pernicious threat … because it’s very difficult for the average citizen, company or government entity to understand every component that was put into a piece of equipment or network that they’ve purchased,” Homeland Security Secretary Kirstjen Nielsen said in a Homeland Security and Governmental Affairs Committee hearing that also featured FBI Director Christopher Wray. Bloomberg Businessweek reported last week that Chinese operatives had used rice grain-sized chips to compromise motherboards sold by Super Micro Computer (Supermicro), placing a backdoor into many companies, including Apple and Amazon Web Services. The attack, in theory, entails devastating consequences for information security at those companies and beyond. Companies mentioned in the article have issued strongly […]
The post U.S. officials say supply-chain threat is ‘very real’ regardless of Bloomberg story accuracy appeared first on Cyberscoop.
No one is really sure who to believe after Businessweek’s bombshell story on an alleged Chinese supply chain attack against Apple, Amazon, and others. Continue reading The Cybersecurity World Is Debating WTF Is Going on With Bloomberg’s Chinese Microchip Stories