TPM-FAIL vulnerabilities impact TPM chips in desktops, laptops, servers

TPM-FAIL lets attackers steal private keys from TPMs. Attacks take from minutes to a few hours.
US Court rules travellers' phones and laptops cannot be searched arbitrarily

Any searches conducted at the US border without reasonable suspicion will now be a violation of the Fourth Amendment.
Microsoft's November 2019 Patch Tuesday arrives with a patch for an IE zero-day

The November 2019 Patch Tuesday fixes 74 vulnerabilities, of which 13 are rated "Critical."

Intel, Mozilla, Red Hat, and Fastly partner to make WebAssembly a cross-platform runtime

The Bytecode Alliance's main goal is to promote the use of security-hardened WebAssembly tools.
The /e/ Google-free, pro-privacy Android phone runs well -- for a beta

Hate Apple lock-in? Don't want to have Google looking over your shoulder? Then, you may want to consider installing the Google-free /e/ Android fork on your smartphone or even buying ...
Flaw in Intel PMx driver gives 'near-omnipotent control over a victim device'

Intel released an updated version of pmxdrvx64.sys and pmxdrv.sys; however, patching might take a while.

Intel's Cascade Lake CPUs impacted by new Zombieload v2 attack

Zombieload v2 impacts Intel CPUs released since 2013, if they support the Intel TSX instruction set.
Manual code review finds 35 vulnerabilities in 8 enclave SDKs

All issues have been privately reported and patches are available.
Twitter is asking for your help in the battle against deepfakes

Social media platforms are racing to fight the spread of fake content. Now Twitter is turning to its users for guidance on the best strategy to implement. ...

Backdoor security attacks

More from ZDNet Staff