Significant flaws in AMD processors were reported by CTS Labs. AMD says it's investigating, but also said it had never heard of CTS Labs, and that CTS gave AMD only a day's warning before going public. The flaws, which affect EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile processors, require admin rights for exploitation. CTS Labs calls the vulnerabilities "Masterkey," "Ryzenfall," "Fallout," and "Chimera." Security experts differ over how severe the problems are; few seem willing to defend the way they were disclosed.
Cylance describes OceanLotus (also known as APT32 or Cobalt Kitty), a cyber espionage group generally believed to operate from Vietnam. [But note the correction, below.] OceanLotus uses sophisticated backdoors, obfuscated beacon payloads, and an array of loaders assembled from a range of exploit kits. ESET is also tracking the group.
The UK is expelling twenty-three Russian diplomats in retaliation for the attempted assassination of a former GRU officer. Russia offered no explanation (beyond denial) before last night's midnight deadline, instead demanding an explanation of rumors that the UK is considering retaliatory cyberattacks against Russia. HM Government is asking for a UN Security Council meeting.
Another Russian, businessman Nikolai Glushkov, a fugitive from Russian justice in an Aeroflot embezzlement case and a witness in the Litvinenko assassination (also in the UK), died under "unexplained" circumstances Tuesday in his London home. Police report signs of strangulation.
The MuddyWater threat group, generally associated with Iran, also seems disposed to play rough. Trend Micro researchers probing a server connected to the group received a message, "Stop!!! I Kill You Researcher."