Kaspersky Next: our new portfolio | Kaspersky official blog

We’ve decided to revise our portfolio and make it as seamless and customer-friendly as possible. This post explains what exactly we’re changing and why.

The evolution of protection

As the threat landscape constantly changes, corporate security needs change with it. Just a decade ago, the only tool required to protect a company against most cyberattacks was an endpoint protection platform (EPP). Since then, attackers’ methods have grown ever more sophisticated — to the point where simply scanning workstations and servers is no longer sufficient to detect malicious activity.

Modern cyberattacks can be carried out under the guise of legitimate processes — without the use of malware at all. Increasingly, mass threats are beginning to deploy tactics and techniques previously associated only with targeted attacks. To detect such activity and ensure proper incident investigation, companies now need to collect and correlate data from endpoints, identify suspicious activity in their infrastructure, and, most importantly, take prompt countermeasures: isolate suspicious files, halt malicious processes, and sever network connections. To adequately respond to the increased complexity of threats, other tools are now indispensable: Endpoint Detection & Response (EDR) at a minimum, and ideally — Extended Detection and Response (XDR).

Yet EDR is no replacement for EPP. These are different solutions that solve different problems. For effective infrastructure protection, they need to work in tandem. As a result, customers have found themselves having to purchase both tools to ensure an adequate level of information security. We decided to simplify this process by rolling out a new line of products that deliver the security processes necessary in today’s world — with EDR and XDR capabilities at the core.

Simplified product line

Another reason for rethinking our product line was the ever-increasing variety of the solutions we offer. Customers had to study many different products, which of course takes a lot of precious time. Therefore, we decided to simplify the line and make sure that each tier of Kaspersky Next covers the main needs of particular groups (rather — profiles) of corporate users. This approach provides room for maneuver while allowing us to use resources to develop the tools necessary to hone our XDR — a single console for products that protect different assets, expanded capabilities for the integration needed for cross-detection of threats, and the launch of new products to further enhance our XDR.

Our new Kaspersky Next approach guarantees maximum transparency of our products’ capabilities. With the particular kinds of threats that are relevant to your company in mind — combined with an accurate assessment of the skill level of your security team — you can choose one of the three Kaspersky Next tiers’ basic solutions, and then expand its capabilities with, first, additional products that cover specific attack vectors, and, second, services that provide expert assistance when and where your in-house team needs it.

What about the old licenses?

We’ve no intention of abandoning customers who use our time-tested solutions. Nor do we plan to cease selling them right away. At least until the end of this year, companies have the option to buy both old and new products. In time, we’ll stop selling licenses for legacy solutions; however, we understand that abrupt migration to new software can have an impact on companies’ workflows, so we’ll continue to renew already purchased licenses as required. The retirement of legacy products won’t occur in the short term.

For customers wishing to switch from older products to the Kaspersky Next line, we offer a flexible license renewal scheme involving trade-in mechanisms.

To learn more about Kaspersky Next, please visit our official page.


How to verify the authenticity and origin of photos and videos | Kaspersky official blog

Over the past 18 months or so, we seem to have lost the ability to trust our eyes. Photoshop fakes are nothing new, of course, but the advent of generative artificial intelligence (AI) has taken fakery to a whole new level. Perhaps the first viral AI fake was the 2023 image of the Pope in a white designer puffer jacket, but since then the number of high-quality eye deceivers has skyrocketed into the many thousands. And as AI develops further, we can expect more and more convincing fake videos in the very near future.

One of the first deepfakes to go viral worldwide: the Pope sporting a trendy white puffer jacket

This will only exacerbate the already knotty problem of fake news and accompanying images. These might show a photo from one event and claim it’s from another, put people who’ve never met in the same picture, and so on.

Image and video spoofing has a direct bearing on cybersecurity. Scammers have been using fake images and videos to trick victims into parting with their cash for years. They might send you a picture of a sad puppy they claim needs help, an image of a celebrity promoting some shady schemes, or even a picture of a credit card they say belongs to someone you know. Fraudsters also use AI-generated images for profiles for catfishing on dating sites and social media.

The most sophisticated scams make use of deepfake video and audio of the victim’s boss or a relative to get them to do the scammers’ bidding. Just recently, an employee of a financial institution was duped into transferring $25 million to cybercrooks! They had set up a video call with the “CFO” and “colleagues” of the victim — all deepfakes.

So what can be done to deal with deepfakes or just plain fakes? How can they be detected? This is an extremely complex problem, but one that can be mitigated step by step — by tracing the provenance of the image.

Wait… haven’t I seen that before?

As mentioned above, there are different kinds of “fakeness”. Sometimes the image itself isn’t fake, but it’s used in a misleading way. Maybe a real photo from a warzone is passed off as being from another conflict, or a scene from a movie is presented as documentary footage. In these cases, looking for anomalies in the image itself won’t help much, but you can try searching for copies of the picture online. Luckily, we’ve got tools like Google Reverse Image Search and TinEye, which can help us do just that.

If you’ve any doubts about an image, just upload it to one of these tools and see what comes up. You might find that the same picture of a family made homeless by fire, or a group of shelter dogs, or victims of some other tragedy has been making the rounds online for years. Incidentally, when it comes to false fundraising, there are a few other red flags to watch out for besides the images themselves.

Dog from a shelter? No, from a photo stock

Photoshopped? We’ll soon know.

Since photoshopping has been around for a while, mathematicians, engineers, and image experts have long been working on ways to detect altered images automatically. Some popular methods include image metadata analysis and error level analysis (ELA), which checks for JPEG compression artifacts to identify modified portions of an image. Many popular image analysis tools, such as Fake Image Detector, apply these techniques.

Fake Image Detector warns that the Pope probably didn’t wear this on Easter Sunday… Or ever

With the emergence of generative AI, we’ve also seen new AI-based methods for detecting generated content, but none of them are perfect. Here are some of the relevant developments: detection of face morphing; detection of AI-generated images and determining the AI model used to generate them; and an open AI model for the same purposes.

With all these approaches, the key problem is that none gives you 100% certainty about the provenance of the image, guarantees that the image is free of modifications, or makes it possible to verify any such modifications.

WWW to the rescue: verifying content provenance

Wouldn’t it be great if there were an easier way for regular users to check if an image is the real deal? Imagine clicking on a picture and seeing something like: “John took this photo with an iPhone on March 20”, “Ann cropped the edges and increased the brightness on March 22”, “Peter re-saved this image with high compression on March 23”, or “No changes were made” — and all such data would be impossible to fake. Sounds like a dream, right? Well, that’s exactly what the Coalition for Content Provenance and Authenticity (C2PA) is aiming for. C2PA includes some major players from the computer, photography, and media industries: Canon, Nikon, Sony, Adobe, AWS, Microsoft, Google, Intel, BBC, Associated Press, and about a hundred other members — basically all the companies that could have been individually involved in pretty much any step of an image’s life from creation to publication online.

The C2PA standard developed by this coalition is already out there and has even reached version 1.3, and now we’re starting to see the pieces of the industrial puzzle necessary to use it fall into place. Nikon is planning to make C2PA-compatible cameras, and the BBC has already published its first articles with verified images.

BBC talks about how images and videos in its articles are verified

The idea is that when responsible media outlets and big companies switch to publishing images in verified form, you’ll be able to check the provenance of any image directly in the browser. You’ll see a little “verified image” label, and when you click on it, a bigger window will pop up showing you what images served as the source, and what edits were made at each stage before the image appeared in the browser and by whom and when. You’ll even be able to see all the intermediate versions of the image.

History of image creation and editing

This approach isn’t just for cameras; it can work for other ways of creating images too. Services like Dall-E and Midjourney can also label their creations.

This was clearly created in Adobe Photoshop

The verification process is based on public-key cryptography similar to the protection used in web server certificates for establishing a secure HTTPS connection. The idea is that every image creator — be it Joe Bloggs with a particular type of camera, or Angela Smith with a Photoshop license — will need to obtain an X.509 certificate from a trusted certificate authority. This certificate can be hardwired directly into the camera at the factory, while for software products it can be issued upon activation. When processing images with provenance tracking, each new version of the file will contain a large amount of extra information: the date, time, and location of the edits, thumbnails of the original and edited versions, and so on. All this will be digitally signed by the author or editor of the image. This way, a verified image file will have a chain of all its previous versions, each signed by the person who edited it.
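The signed edit chain described above, sketched in Go as an added example (a constructed model, not C2PA's data format or any project's code): each step binds to the exact asset bytes and to the previous step and is signed with the actor's key, and a map of trusted keys stands in for the certificate authority. The type, function and field names, the sample actors and the asset bytes are all assumptions made for the illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Claim is the signed part of one step in a simplified, C2PA-style manifest.
// It binds the action to the exact asset bytes and to the previous step.
type Claim struct {
	Actor      string `json:"actor"`       // who performed and signed this step
	Action     string `json:"action"`      // "created", "cropped", ...
	Date       string `json:"date"`
	AssetHash  string `json:"asset_hash"`  // SHA-256 of this version of the asset
	ParentHash string `json:"parent_hash"` // SHA-256 of the previous manifest, "" for the first
}

// Manifest is a Claim plus the signer's public key and signature. A real
// deployment carries an X.509 certificate instead of a bare key.
type Manifest struct {
	Claim     Claim  `json:"claim"`
	PublicKey []byte `json:"public_key"`
	Signature []byte `json:"signature"`
}

func sha256Hex(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// ManifestHash is what the next step binds to; rewriting or dropping an earlier
// step therefore breaks every later link.
func ManifestHash(m Manifest) string {
	b, _ := json.Marshal(m)
	return sha256Hex(b)
}

// Sign appends a new signed step for the given version of the asset.
func Sign(chain []Manifest, actor, action, date string, asset []byte, priv ed25519.PrivateKey) []Manifest {
	c := Claim{Actor: actor, Action: action, Date: date, AssetHash: sha256Hex(asset)}
	if len(chain) > 0 {
		c.ParentHash = ManifestHash(chain[len(chain)-1])
	}
	msg, _ := json.Marshal(c) // struct fields marshal in declaration order, so this is canonical
	pub := priv.Public().(ed25519.PublicKey)
	return append(chain, Manifest{Claim: c, PublicKey: pub, Signature: ed25519.Sign(priv, msg)})
}

// VerifyChain is what a browser would run: every step must be signed by a key
// trusted for that actor (trusted stands in for the CA), each step must link to
// the previous one, and the last step must match the bytes actually displayed.
func VerifyChain(chain []Manifest, asset []byte, trusted map[string]ed25519.PublicKey) error {
	if len(chain) == 0 {
		return errors.New("no provenance data attached")
	}
	for i, m := range chain {
		want, ok := trusted[m.Claim.Actor]
		if !ok || !bytes.Equal(want, m.PublicKey) {
			return fmt.Errorf("step %d: key is not trusted for %q", i, m.Claim.Actor)
		}
		msg, _ := json.Marshal(m.Claim)
		if !ed25519.Verify(m.PublicKey, msg, m.Signature) {
			return fmt.Errorf("step %d: signature does not match claim", i)
		}
		parent := ""
		if i > 0 {
			parent = ManifestHash(chain[i-1])
		}
		if m.Claim.ParentHash != parent {
			return fmt.Errorf("step %d: does not link to the previous step", i)
		}
	}
	if chain[len(chain)-1].Claim.AssetHash != sha256Hex(asset) {
		return errors.New("asset bytes differ from the last signed version")
	}
	return nil
}

func main() {
	// Constructed sample: John shoots the photo, Ann crops it; keys stand in for certificates.
	_, johnPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, annPriv, _ := ed25519.GenerateKey(rand.Reader)
	trusted := map[string]ed25519.PublicKey{
		"John": johnPriv.Public().(ed25519.PublicKey),
		"Ann":  annPriv.Public().(ed25519.PublicKey),
	}
	original := []byte("<constructed JPEG bytes: original photo>")
	cropped := []byte("<constructed JPEG bytes: cropped version>")

	chain := Sign(nil, "John", "created", "2024-03-20", original, johnPriv)
	chain = Sign(chain, "Ann", "cropped", "2024-03-22", cropped, annPriv)
	fmt.Println("genuine:", VerifyChain(chain, cropped, trusted))        // <nil>
	fmt.Println("wrong bytes:", VerifyChain(chain, original, trusted))   // asset mismatch
	chain[0].Claim.Date = "2024-01-01"                                   // rewriting history
	fmt.Println("edited history:", VerifyChain(chain, cropped, trusted)) // bad signature at step 0
}
```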

This video contains AI-generated content

The authors of the specification were also concerned with privacy features. Sometimes, journalists can’t reveal their sources. For situations like that, there’s a special type of edit called “redaction”. This allows someone to replace some of the information about the image creator with zeros and then sign that change with their own certificate.

To showcase the capabilities of C2PA, a collection of test images and videos was created. You can check out the Content Credentials website to see the credentials, creation history, and editing history of these images.

The Content Credentials website reveals the full background of C2PA images

Natural limitations

Unfortunately, digital signatures for images won’t solve the fakes problem overnight. After all, there are already billions of images online that haven’t been signed by anyone and aren’t going anywhere. However, as more and more reputable information sources switch to publishing only signed images, any photo without a digital signature will start to be viewed with suspicion. Real photos and videos with timestamps and location data will be almost impossible to pass off as something else, and AI-generated content will be easier to spot.


Note-taking apps and to-do lists with end-to-end encryption | Kaspersky official blog

Peeking into someone’s personal diaries or notebooks has always been seen as an invasion of privacy. And since to-do lists and diaries went digital, it’s not just nosy friends you have to worry about — tech companies are in on the action too. They used to pry into your documents to target you with ads, but now there’s a new game in town: using your data to train AI. Just in the past few weeks, we learned that Reddit, Tumblr, and even DocuSign are using or selling texts generated by their users to train large language models. And in light of recent years’ large-scale ransomware incidents, hacking of note-taking apps and a mass leak of user data — your data! — is a possibility you shouldn’t ignore.

So, how do you keep your digital notes both convenient and secure? Enter end-to-end encryption. You might be familiar with the concept from secure messaging apps: your messages can only be decrypted and viewed on your device and the device of the person you’re texting. The company running the service can’t see a thing because they don’t have the decryption key.

Although most users prefer note apps that come with their phones (like Apple’s Notes) or office suite (like Microsoft OneNote), these apps aren’t exactly Fort Knox when it comes to privacy. Some, like Google Keep, don’t even offer end-to-end encryption. Others, such as Apple’s Notes, support it for individual notes or folders. That’s why there are dedicated, albeit lesser-known apps for truly confidential notes. Let’s take a look at a few and see how they stack up.

Joplin

Platforms: Windows (32/64 bit), macOS (Intel/Apple Silicon), Linux, iOS, Android

Personal license: free

Sync options: proprietary Joplin Cloud, Dropbox, ownCloud, Nextcloud, OneDrive, S3, WebDAV via plug-ins

Native platform sync: starts at €2.99/month

Open format: no, but you can export to text

Open source: yes

Website: joplinapp.org

Joplin feels like it was designed by someone who likes the idea behind Evernote, but who has been put off by the bloat and closed-source nature of that app in recent years. Notes are stored in markdown text format. Joplin supports attachments, nested folders, tags, and notebooks. There are just two templates: “note” and “to-do list”. Searching is lightning fast.

Syncing between devices relies on “drivers” — basically plug-ins written for each service. Joplin’s developers maintain almost a dozen of these drivers for all the popular sync services, such as Dropbox. Smooth collaboration and extra features such as emailing a note to yourself require a subscription to the proprietary Joplin Cloud, but it’s pretty affordable. Students and teachers get a 50% discount.

End-to-end encryption is disabled by default, but once you turn it on, your entire database and all attachments are encrypted automatically. There’s a slight quirk: on a PC, the developers have made an odd architectural choice by storing attachments in both encrypted and unencrypted versions.

Joplin has over 200 plug-ins to add features, but setting them up can be a bit of a hassle.

Recently, the developers added text recognition for images. However, since notes are encrypted, the server can’t read them, so searching within photos and PDFs only works after processing the note on your computer.

Joplin can import notes in the proprietary Evernote format and export all data as sets of plaintext files.

Obsidian

Platforms: Windows (32/64 bit, ARM), macOS (Intel/Apple Silicon), Linux, iOS, Android

Personal license: free

Sync options: proprietary service, FTP, Dropbox, S3, and other services via plug-ins

Native platform sync: starts at $4/month

Open format: yes

Open source: no

Website: obsidian.md

Obsidian differs from other note-taking apps through its strong emphasis on organization. It’s super easy to link notes together, create groups and hierarchies, and even build mindmaps in canvas mode. Each note is just a text file stored locally, so you can work on any of them in other apps too.

Obsidian also has a thriving online community, which has built over 1500 plug-ins. These let you connect Obsidian to dozens of external services, handle specific types of notes (from recipes to chemical formulas), automatically process text with ChatGPT, and much more.

To sync your data between devices, you can subscribe to Obsidian’s own paid service, use a third-party plug-in, or just store your notes in a shared cloud folder on Dropbox or OneDrive. Of these, only the native Obsidian Sync service provides encryption. When you enable sync, you can choose between “managed” and “end-to-end” encryption. It goes without saying that the latter is the right choice.

You can import notes from a bunch of different formats using a dedicated plug-in created by the Obsidian team. These include Notion, Evernote, Apple Notes, Microsoft OneNote, and Google Keep.

Students and teachers get a 40% discount.

Standard Notes

Platforms: Windows (64 bit), macOS (Intel/Apple Silicon), Linux, iOS, Android, Web

Personal license: free

Sync options: native or self-hosted

Native platform sync: starts at $7.5/month ($90 billed annually)

Open format: no, but you can export to text

Open source: yes

Website: standardnotes.com

Standard Notes is built on two core principles: flexible note templates for various needs, and a high level of privacy. End-to-end sync encryption is on by default, your notes are encrypted on your device, and you need two-factor authentication to log in. Unlike its competitors discussed above, Standard Notes has a web application, so you can enjoy all of its features in a browser.

As for the note templates, you can use these to store anything you want: from code snippets and to-do lists to financial spreadsheets and even passwords. Speaking of which, Standard Notes can be used for both storing passwords and generating one-time authentication codes (TOTPs). You can even protect individual notes with an extra password for an extra layer of security.

One cool feature of Standard Notes is its “infinite undo”: according to the developers, the app keeps the edit history for each note from the moment it’s created. This might be a lifesaver when working on larger documents like a book or doctoral thesis. Standard Notes supports plug-ins, but there aren’t many to choose from.

Sync options include self-hosting a Standard Notes server or using the proprietary cloud. The Productivity plan will set you back $90 annually, or you can store and sync simple text notes with end-to-end encryption on the free Standard plan. Some of the features we mentioned are only available in the $120-per-year Professional plan, which also includes 100 GB of encrypted file storage, and subscription-sharing with up to five accounts. If you self-host, you still need to buy a license, but it comes at a heavy discount: $39 annually or $113.42 for five years. Students get a 30% discount.

Standard Notes can import data from Evernote, Apple’s Notes, Simplenote, Google Keep, or a set of plain text files.

Extra security

Of course, encryption is of no use if someone steals the data from your computer directly. Data thieves typically use a special type of malware called “infostealers”. These can snatch your files and even intercept passwords as you type them. So, in addition to one of these privacy-focused note-taking apps, make sure to use a comprehensive security system on all your smartphones and computers.


Transatlantic Cable podcast episode 341 | Kaspersky official blog

Episode 341 of the Transatlantic Cable podcast kicks off with news that a data broker leak has revealed sensitive data about people who visited the infamous island. From there, the team discuss news that UN peacekeepers are being told to shore up their cyber-defences, after warnings that nation-state attackers are actively looking to target them.

To wrap up, the team look at two stories. The first is baffling in itself: one of the world’s most wanted men has been leaving restaurant reviews on Google, and has done so for the last 5 years. The second is about Elon Musk’s Neuralink project, with the first ever patient using the implant to play Mario Kart with his dad.

If you liked what you heard, please consider subscribing.

Jeffrey Epstein’s Island Visitors Exposed by Data Broker
UN Peace Operations Under Fire From State-Sponsored Hackers
Investigation finds Christopher Kinahan Sr left ‘digital trail’ of Google reviews
I’m world’s first Neuralink patient


Hackers disrupt Apex Legends esports tournament | Kaspersky official blog

The esports industry is booming: prize pools for top tournaments have long surpassed $10 million, with peak online viewership exceeding one million. This naturally attracts hackers, who typically either steal game source code or target individual gamers. Recently, cyberattacks have gone beyond the pale: hackers disrupted a major Apex Legends tournament.

This post explores why gamers need cybersecurity, and how they can get it.

What happened

During the final match of the North American leg of the Apex Legends Global Series (ALGS) tournament between the Dark Zero and Luminosity teams, a cheat configuration window suddenly popped up on a player’s screen. The bewildered player also gained the ability to see in-game opponents through walls (“wallhack”) — a capital offense in competitive gaming, usually punishable by a multi-year or even lifetime ban. The player was disqualified, and their team received a technical defeat.

Screenshot with cheat window from the match broadcast. Source

The tournament organizers didn’t adjust the rules or implement additional security measures on players’ computers, leading to a repeat incident a few matches later: another pop-up cheat window, wallhack, and even aimbot functionality this time. At this point, the organizers suspected something was up: cheaters can indeed be found in esports, but brazenly opening a cheat window mid-game seemed beyond belief. The match was stopped, and the tournament postponed indefinitely.

Shortly after, a user nicknamed Destroyer2009 claimed responsibility on social media, stating they exploited a remote code execution vulnerability. However, the supposed culprit didn’t specify where the vulnerability resided: in Apex Legends itself, the Easy Anti-Cheat software mandatory for esports tournaments, or another program. Easy Anti-Cheat representatives declared their software secure. Gamers worldwide await a similar statement from Respawn Entertainment — Apex Legends’ developers — but so far there’s been no word; however, Respawn did announce that it has already released the first in a series of security updates.

This case is unprecedented in esports. Internet issues? Sure. Hardware problems? Those happen too. But never before has a tournament been interrupted and postponed due to hackers.

Esports needs protection

Of course, it’s premature to draw conclusions before the investigation concludes: the tactics and methods used by the attackers, the vulnerability exploited, and the software at fault all remain unknown. However, it’s likely that the Apex Legends players’ computers lacked robust protection, which could also have prevented other embarrassing situations in esports. For example, in the summer of 2023 during the Bali Major 2023 Dota 2 tournament, Russian player Ivan “Pure” Moskalenko found himself at the center of a controversy. Mid-match, Ivan accessed his own game’s Twitch stream, potentially gaining an advantage as the stream displayed both teams’ positions. Tournament organizers weren’t pleased, disqualifying the gamer and handing his team a technical defeat.

Pure opened up a Twitch stream of his own game during an official match. Source

The tournament rules stipulated restricted internet access from gaming terminals during matches: only Steam, Dota 2, and TeamSpeak were allowed. But simply blocking specific websites — or all extraneous resources altogether — could have been achieved with security solutions.

Nuances of protecting esports players

Gamers often consciously reject cybersecurity, guided by the outdated belief that “antiviruses slow games down”. But the reality today is that this isn’t the case: tests show that protection has no impact on gameplay whatsoever.

Skeptics also like to cite instances where annoying antivirus notifications popped up on the screen at crucial moments during games. Our products offer a special gaming mode, which activates automatically when games (and some other applications in fullscreen mode) are launched, pausing anti-virus database updates, notifications, and scheduled computer scans. Your computer remains protected — even during the most intense esports matches, while Kaspersky Premium works in the background.

Though it’s not known for certain where exactly the RCE vulnerability used by the hacker during the ALGS tournament is hidden, we recommend that all fans of this game install reliable gaming protection on their gaming computers.

Kaspersky VPN Secure Connection protects gamers’ privacy while maintaining a stable, blazing-fast and secure connection with minimal latency

And to protect your privacy while gaming, use our ultra-fast VPN — either standalone or included with a Kaspersky Premium subscription. Special VPN servers in a separate “Gaming” locations list use the optimized Catapult Hydra protocol to reduce latency, which is crucial because the lower it is, the better the gaming experience.


How to easily transition to Kaspersky from other security solutions | Kaspersky official blog

We could bang on forever about the advantages of our protection: its speed, cutting-edge tech stack, and incredible threat neutralization. But it’s better to just let independent tests speak for themselves. Throughout 2023, Kaspersky participated in (precisely!) 100 independent tests and reviews, with its products being awarded 93 firsts and 94 top-3 finishes — achieving its highest annual result ever. Our protection is unmatched according to independent researchers, and no other security vendor comes even close to such an abundance of awards. (Our protection for home users received the highest award — Product of the Year 2023 — from the independent European testing laboratory AV-Comparatives, as well as first place in the “home” protection segment in independent testing by SE Labs in the fourth quarter of 2023.)

To maximize your protection against cyberthreats, we offer this simple step-by-step guide to transitioning to Kaspersky security solutions.

All three versions of our protection — Kaspersky Standard, Kaspersky Plus, and Kaspersky Premium — use the same stack of security technologies, meaning users of any of these solutions can be confident they’re using the “Product of the Year 2023”.

Kaspersky is “Product of the Year 2023” according to AV-Comparatives

How to switch to Kaspersky

It’s very simple: just choose one of the three subscription options on our website based on your needs after easily comparing the features of each version. For maximum protection, we recommend subscribing to Kaspersky Premium. In addition to the standard computer protection and optimization tools, it includes:

secure encrypted storage of personal documents
smart home monitoring
online payment protection
data leak checker
identity protection
unlimited super-fast VPN
premium version of our password manager
one-year free use of Kaspersky Safe Kids
other additional features

In addition, Kaspersky Premium ensures maximum protection of your digital identity. We check for leaks (including on the dark web) of your accounts, linked not only to email addresses as in other subscription versions but also to phone numbers — for example, used with online banks and social networks — and we advise on what to do if such a leak occurs. You can add the email addresses and phone numbers of everyone in your family to be checked.

When choosing a subscription, you can also specify the number of devices to protect and whether it’s for one or several years: the latter, of course, comes at a discount.

Upon purchase, we’ll automatically create a My Kaspersky account for you to activate and manage the subscription on different devices running Windows, macOS, Android, or iOS, and send instructions to the email you provided when purchasing.

Preparing for installation

Follow the link in the email to the My Kaspersky website, complete account creation, and log in. In the subscription information window, click “Download” to download the application to your device. For mobile devices, you can also download our applications from one of the app stores — App Store, Google Play, Huawei AppGallery, and others.

Before installing the Kaspersky application, make sure that your device meets the software and hardware requirements (for Windows, macOS, Android, iOS), and remove any other vendors’ incompatible security solutions (Windows and macOS). Many people think that having multiple protection tools on one computer strengthens security, but this is not the case — on the contrary, different programs start conflicting with each other and competing for computer resources, leading to slowdowns and freezes. So, “there can only be one” — and our protection, according to tests, is 100% effective against malware.

It’s best to clean up your computer using special utilities, which can be found on the website of the manufacturer of the security solution you’re removing. If you remove it with the built-in tools of the operating system, some traces may remain, leading to conflicts. The easiest way to find the necessary utility is to search the internet for “name_of_removed_program uninstall tool” (for example, here are the uninstallers for Avast, Bitdefender, ESET, McAfee, and Norton).

Installing the application

You’re almost there. Installing the application is straightforward: on a computer, the process takes place in the form of a chat, familiar to anyone who uses messengers. By the way, this allows you to spend the installation time productively — exploring the most interesting Kaspersky features and installing the application on your smartphone using the QR code that will appear on your computer screen. For those who like to study the installation details in advance, here are the links to Kaspersky installation instructions for Windows, macOS, Android, and iOS.

If you downloaded the application for your computer from your My Kaspersky account or for your smartphone using the QR code, after installation it will be automatically activated by the subscription. In very rare cases, you may need to activate the application yourself by logging in to your My Kaspersky account, or by following these simple instructions for Windows, macOS, Android, or iOS.

Dealing with passwords

Among other benefits, owners of Kaspersky Plus and Kaspersky Premium also receive a premium subscription to our password manager. In its personal encrypted storage, you can keep all your passwords, important documents, and tokens for two-factor authentication, synchronizing them across all your devices. Rest assured that no one — not even Kaspersky employees — will have access to them: the AES-encrypted vault is protected by a master password known only to you.

You can install Kaspersky Password Manager on your computer during the installation of Kaspersky Plus or Kaspersky Premium, or separately by downloading it from My Kaspersky or app stores. You won’t have to remember and manually enter all your passwords into Kaspersky Password Manager — we’ve developed a mechanism to transfer passwords from browsers and other password managers. Brief instructions for importing data for the most popular OS — Windows — are provided below, and detailed ones for all operating systems are available on the support website (for Windows, macOS, Android, and iOS).

Importing passwords from browsers

Open the main window of Kaspersky Password Manager and click the gear icon at the bottom of the window.
Go to Settings, then to Import and export.
In the Import from browser block, select the browser you want to import data from, and click Import.

Importing passwords from browsers to Kaspersky Password Manager

Importing passwords from other password managers

First, you’ll need to export data from another password manager to a CSV file. Instructions for this can be found on the manufacturer’s website (for example, here are the instructions for Avast Passwords, KeePass, LastPass, and 1Password).
Open the main window of Kaspersky Password Manager and click the gear icon at the bottom of the window.
Go to Settings, then to Import and export.
Click Import in the Import from password managers block, and specify the CSV file you want to import data from.

Importing passwords from other password managers to Kaspersky Password Manager

In addition to passwords, you can also transfer all your two-factor authentication tokens from Google Authenticator (Android, iOS) to Kaspersky Password Manager. To do this, simply export all your tokens from Google Authenticator into one big QR code and scan it with Kaspersky Password Manager on your mobile device.

The tokens are synchronized across all your devices, so you won’t have to look for your smartphone every time you need to enter a 2FA code on your computer — you can generate it right in the desktop version of Kaspersky Password Manager. And even if something happens to your smartphone, you won’t lose access to sites protected by two-factor authentication — you can always generate the code on your computer or restore the tokens from the cloud.

Checklist for switching to Kaspersky

Choose one of the three solutions for home use: Kaspersky Standard, Kaspersky Plus, or Kaspersky Premium.
Count how many devices you need to protect, and purchase the corresponding subscription from the Kaspersky website, a partner, or an app store.
Remove old security solutions using tools from the respective manufacturer.
Install the Kaspersky application and Kaspersky Password Manager, as well as any other applications you want from the subscription.
Make sure the applications are activated automatically, or activate them manually (Windows, macOS, Android, iOS).
Import passwords from other programs.
Explore your My Kaspersky account to find plenty of useful and interesting features there.
Enjoy your life with peace of mind.

Kaspersky official blog – Read More

The Beekeeper and cybersecurity | Kaspersky official blog

Did you know that cybersecurity and… beekeeping are like two peas in a pod? If not, you probably missed the introduction, back in 2019, of our bee-hive-oristic engine, which protects ATMs from physical break-ins through integration with an actual beehive (while also providing the ATM’s owners with honey, beeswax, and propolis). To implement the engine, we proposed training ATM maintenance workers and cash-in-transit personnel in applied beekeeping for information security.

So, when the new movie with Jason Statham, The Beekeeper, came out earlier this year, I knew right away it had to be about cybersecurity. And wouldn’t you know it, I was right. Now, let’s break down the cybersecurity cases shown in “The Beekeeper”. Sure, there’ll be spoilers, but come on, you don’t watch a Statham movie for the plot twists now do you? It’s all about the action, right?

The main character, Adam Clay, is a retired beekeeper — in the sense that he’s a former member of a beekeeper special-ops unit. The Beekeepers are a secret organization that answers to nobody, keeps order in the country, and follows the philosophy drawn from the book “Beekeeping for Beekeepers”. After retirement, Clay moves in with a sweet old lady, Eloise Parker, and devotes himself to his favorite pastime: beekeeping. That’s right, Adam is a beekeeper. Literally. Breeding bees in his free time. (Look, I didn’t write the movie, OK?) Of course, as usually happens in any Jason Statham movie, some bad guys show up, mess with Adam’s loved ones, and then spend the rest of the movie trying to mess with the man himself — to no avail. All this happens against a backdrop of some sinister cybercrimes, which actually seem way more realistic than the action sequences.

Vishing: robbery over the phone

The first to get stung is poor Eloise. One day, when she opens her list of banking transactions, she receives a well-crafted warning that her computer’s hard drive is infected with two viruses. Very conveniently, the warning displays a tech-support number to help her get rid of the malware.

Of course, it’s scammers on the line — using their social engineering tricks to rob the poor woman blind. Here’s how they do it: first, they convince her to visit the website friendlyfriend.net and download a certain app (which actually gives them control of the victim’s computer). Then, as an apology for the inconvenience, the fraudsters promise to wire $500 to Eloise, but “accidentally” transfer $50,000 and ask her to return the excess. She seems to consider contacting the bank, but the guy on the phone convinces her he’ll lose his job if she does, and persuades her to transfer the money directly. This is how the scammers get Eloise to enter her “password for all accounts”, which they promptly intercept and use to drain not only all her savings and retirement funds but also two million dollars from the charity fund she runs.

Lessons from the vishing attack

Gotta hand it to the writers, they did their homework on online scams. The attack depicted in the movie combines real-life fake tech-support and vishing tactics with a clever twist — the “accidental” overpayment. Eloise is portrayed as a completely inexperienced user (precisely the type scammers target in real life), and she makes a bunch of mistakes we can learn from.

Don’t call phone numbers that pop up in random windows. Best case, it’s a shady ad; worst — a scam.
Don’t install software just because some stranger tells you to — especially if they admit it’s for remote access; double especially if the website is called friendlyfriend.net and the advertising slogan reads “A remote desktop solution that makes sense”. That definitely doesn’t make sense.
If you know you have remote access software on your computer, don’t enter any sensitive information — especially your payment passwords.
Having a single password for all your bank accounts is a very bad idea; use unique passwords for everything.

In any case, Eloise should have been wary of the promise of a $500 transfer. Nobody gives money away. The right move would have been to hang up and call a family member — in her case, ideally her daughter, who works in law enforcement. And her daughter should have installed a reliable protective solution on the computer in advance. That would have stopped the “viruses” along with the pesky pop-up windows.

Beekeepers’ showdown

It wouldn’t be a Jason Statham movie if he didn’t spend most of it violently killing bad guys, and so, as expected, that’s just what he does — specifically wasting the cybercriminals, their guards, and actually anyone else who gets in his way. But at some point, it turns out that the call-center network scamming all these retirees is run by some high-ranking villains who know about the Beekeepers and have connections in the intelligence agencies. These agencies pressure the Beekeepers to stop Clay, so the latter send his former colleague, Anisette, who took over Adam’s job after he retired. She dies heroically, and the Beekeepers conduct their own investigation and then decide to stay out of it. Hey, listen, I told you already — I didn’t write this stuff.

What’s interesting about these inter-hive disputes is how Adam decides to upgrade his arsenal at the expense of his deceased colleague. For this, he cuts off her finger, breaks into her beekeeping facility (which also houses a weapons cache), and uses her fingerprint to open several biometric locks. Besides weapons and ammo, Clay also gets her password (DR07Z, printed on a piece of paper) and hacks into the Beekeepers’ information systems. So much for the super-secrecy of this organization. Using the Beekeepers’ systems, he finds the addresses of the call centers, prints them out on a dot matrix printer, and goes back to his warpath.

Silly as it may seem, there’s a serious lesson here: don’t rely solely on biometrics, and protect important things (and data) with at least two-factor authentication. Plus, of course, use strong passwords (five characters is just way too short) and store them in a dedicated password manager.

Misuse of cyberweapons

By the end of the film we see the whole picture of the crime. Turns out the mastermind of the operation is the CEO of a company developing software for intelligence agencies. He uses some “classified algorithmic data-mining software package developed by the intelligence community” to find lonely retirees with substantial savings. When cornered, he flat-out admits he taught the software “to hunt for money, not terrorists”. What utter gibberish.

However, the idea behind this plot twist is bang on the money — all these mass surveillance and espionage tools governments develop, along with other cyberweapons, could easily fall into the wrong hands and be used to attack innocent people. And that’s no longer fiction — just look at the WannaCry attack. The EternalBlue exploit and DoublePulsar backdoor used in it were supposedly stolen from intelligence agencies and made publicly available.

So, this seemingly nonsensical action flick actually teaches us that dangerous tools can be used in mass cyberattacks at any moment. Therefore, it pays well to be prepared for anything and use reliable security tools both on personal devices and for corporate protection.


CVE-2024-3094: malicious code in Linux distributions | Kaspersky official blog

Unknown actors implanted malicious code into versions 5.6.0 and 5.6.1 of XZ Utils, an open-source set of compression tools. To make matters worse, the Trojanized utilities found their way into several popular Linux builds released this March, so the incident can be regarded as a supply-chain attack. The vulnerability has been assigned the identifier CVE-2024-3094.

What makes this malicious implant so dangerous?

Initially, various researchers claimed that this backdoor allowed attackers to bypass authentication in sshd (the OpenSSH server process) and remotely gain unauthorized access to the operating system. However, judging by the latest information, this vulnerability should be classified not as an “authentication bypass” but as “remote code execution” (RCE). The backdoor hooks the RSA_public_decrypt function, verifies the connecting host’s signature against a fixed Ed448 key and, if verification succeeds, executes the command passed by that host via the system() function, leaving no traces in the sshd logs.

Which Linux distributions contain malicious utilities and which are safe?

It is known that XZ Utils versions 5.6.0 and 5.6.1 were included in the March builds of the following Linux distributions:

Kali Linux, but according to the official blog, only those that were available between March 26 and March 29 (the blog also contains instructions for checking for vulnerable versions of utilities);
openSUSE Tumbleweed and openSUSE MicroOS, available from March 7 to March 28;
Fedora 41, Fedora Rawhide and Fedora Linux 40 beta;
Debian (testing, unstable and experimental distributions only);
Arch Linux – container images available from February 29 to March 29. However, archlinux.org states that, due to implementation specifics, this attack vector does not work in Arch Linux; updating the system is nevertheless strongly recommended.

According to official information, Red Hat Enterprise Linux (RHEL), SUSE Linux Enterprise, openSUSE Leap, and Debian Stable are not vulnerable. Other distributions should be checked manually for the presence of Trojanized versions of XZ Utils.

How was the malicious code implanted into XZ Utils?

Apparently, it was the usual case of a transfer of control. The person who initially maintained the XZ Libs project on GitHub passed control of the repository to an account that had been contributing to a number of data-compression repositories for several years. At some point, the new maintainer implanted a backdoor into the project code.

How to stay safe?

The US Cybersecurity and Infrastructure Security Agency (CISA) recommends that anyone who installed or updated an affected operating system in March immediately downgrade XZ Utils to an earlier version (for example, 5.4.6) and start hunting for malicious activity.

If you have installed a distribution with a vulnerable version of XZ Utils, it also makes sense to change all credentials which could potentially be stolen from the system by the threat actors.

You can detect the presence of the vulnerable versions using the YARA rule for CVE-2024-3094.
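A manual check for the affected releases, as an added example (not Kaspersky’s or the XZ project’s code). It assumes that `xz --version` prints `xz (XZ Utils) <version>` on its first line, and it also uses `ldd` to see whether the local sshd binary loads liblzma, the XZ Utils library in which the backdoor shipped; the latter check is informational only.

```shell
#!/bin/sh
# Added example, not code from Kaspersky or the XZ project: a manual check for
# the two Trojanized XZ Utils releases (5.6.0 and 5.6.1, CVE-2024-3094).
# Assumptions: `xz --version` prints "xz (XZ Utils) <version>" on its first
# line; `command -v` and `ldd` are available.

# Return 0 (true) when VERSION is one of the two affected releases.
xz_version_affected() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *)           return 1 ;;
    esac
}

# Pull the version number out of captured `xz --version` output.
# Prints the version, or nothing if the output is not in the expected form.
xz_version_from_output() {
    printf '%s\n' "$1" | sed -n 's/^xz (XZ Utils) \([0-9][0-9.]*\).*$/\1/p' | head -n 1
}

# Report whether the installed xz is one of the affected releases.
# Exit status: 0 = affected, 1 = not affected, 2 = xz missing or unparsable.
check_local_xz() {
    if ! command -v xz >/dev/null 2>&1; then
        echo "xz: not installed"
        return 2
    fi
    version=$(xz_version_from_output "$(xz --version 2>/dev/null)")
    if [ -z "$version" ]; then
        echo "xz: could not determine version"
        return 2
    fi
    if xz_version_affected "$version"; then
        echo "xz $version: AFFECTED (CVE-2024-3094) - downgrade (e.g. to 5.4.6)," \
             "hunt for malicious activity and rotate credentials"
        return 0
    fi
    echo "xz $version: not one of the affected releases"
    return 1
}

# liblzma is part of XZ Utils and the backdoor acted inside sshd, so it is
# useful to know whether this host's sshd loads liblzma at all.
# Exit status: 0 = sshd loads liblzma, 1 = it does not, 2 = sshd/ldd unavailable.
sshd_loads_liblzma() {
    sshd_bin=$(command -v sshd 2>/dev/null || ls /usr/sbin/sshd 2>/dev/null)
    if [ -z "$sshd_bin" ] || ! command -v ldd >/dev/null 2>&1; then
        echo "sshd: binary or ldd not available, skipping"
        return 2
    fi
    if ldd "$sshd_bin" 2>/dev/null | grep -q liblzma; then
        echo "sshd ($sshd_bin) loads: $(ldd "$sshd_bin" | grep liblzma)"
        return 0
    fi
    echo "sshd ($sshd_bin) does not load liblzma"
    return 1
}

# Run both checks; the result is that of the version check.
run_xz_checks() {
    sshd_loads_liblzma || true
    check_local_xz
}

# Entry point when executed as a script.
if run_xz_checks; then
    echo "Result: an affected XZ Utils release is installed"
else
    echo "Result: no affected XZ Utils release detected (or xz not installed)"
fi
```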


GoFetch: Apple CPU encryption hack | Kaspersky official blog

In mid-March, researchers from several U.S. universities published a paper demonstrating a hardware vulnerability in Apple’s “M” series CPUs. These CPUs, based on the ARM architecture and designed by Apple, power most of its newer laptops and desktops, as well as some iPad models. The issue could potentially be exploited to break encryption algorithms. The attack that uses this vulnerability was dubbed “GoFetch”.

The combination of a juicy topic and a big-name manufacturer like Apple led to this highly technical paper being picked up by a wide range of media outlets — both technical and not so much. Many ran with alarmist headlines like “Don’t Trust Your Private Data to Apple Laptops”. In reality, the situation isn’t quite that dire. However, to really get to the bottom of this new problem, we need to delve a little into how CPUs work — specifically by discussing three concepts: data prefetching, constant-time programming, and side-channel attacks. As always, we’ll try to explain everything in the simplest terms possible.

Data prefetching

The CPU of a desktop computer or laptop executes programs represented as machine code. Loosely speaking, it’s a bunch of numbers — some representing instructions and others representing data for calculations. At this fundamental level, we’re talking about very basic commands: fetch some data from memory, compute something with this data, and write the result back to memory.

You’d think these operations should be executed in this order. Here’s a simple example: a user enters their password to access a cryptocurrency wallet. The computer needs to read the password from RAM, run a few computing operations, check that this is the correct password, and only then grant access to the confidential data. If this were the way today’s CPUs executed all code, our computers would be painfully slow. So how do you speed things up? You do a lot of optimization — such as data prefetching.

Data prefetching works like this: if the program code contains a command to fetch data, why not load it ahead of time to speed things up? Then, should the data come in handy at some point, we’ve just made the program run a bit faster. No big deal if it doesn’t come in handy: we’d just discard it from the CPU’s cache and fetch something else.

That’s how basic data prefetching works. Apple CPUs make use of a newer prefetcher known as “data memory-dependent prefetcher”, or DMP. In a nutshell, DMP is more aggressive. Commands to fetch data from memory are not always explicit. Pointers to specific memory locations might be the result of computing work that still needs to be performed, or they might be stored in a data array that the program will access later. DMP tries to guess which data in the program is a pointer to a memory location. The logic is the same: if something looks like a pointer, try fetching data at that address. The guessing process relies on the history of recent operations — even if they belong to a completely different program.

In 2022, another study demonstrated that DMP tends to confuse pointers with other data the program is working with. This isn’t necessarily a problem by itself — loading the wrong stuff into the CPU cache isn’t a big deal. But it becomes a problem when it comes to encryption algorithms. DMP can break constant-time programming under certain conditions. Let’s talk about this next.

Constant-time programming

There’s a simple rule: the time it takes to process data must not depend on the nature of that data. In cryptography, this is a fundamental principle for protecting encryption algorithms from attacks. Often, malicious actors try to attack the encryption algorithm by feeding it data and observing the encrypted output. The attacker doesn’t know the private key used to encrypt the data. If they figure out this key, they can decrypt other data, such as network traffic or passwords saved in the system.

Poor encryption algorithms process some data faster than others. This gives the malicious actor a powerful hack tool: simply by observing the algorithm’s runtime, they can potentially reconstruct the private key.

Most encryption algorithms are immune to this type of attack: their creators made sure that computing time is always the same, regardless of the input data. Algorithm robustness-tests always include attempts at violating this principle. This is what happened, for example, in the Hertzbleed attack. However, to make actual key theft possible, the attack must use a side channel.

Side-channel attack

If DMP prefetching sometimes confuses regular application data with a memory pointer, does that mean it can mistake a piece of a private key for a pointer? It turns out it can. The researchers demonstrated this in practice using two popular data encryption libraries: Go Crypto (Go developers’ standard library), and OpenSSL (used for network traffic encryption and many other things). They investigated various encryption algorithms — including the ubiquitous RSA and Diffie-Hellman, as well as Kyber-512 and Dilithium-2, which are considered resistant to quantum computing attacks. By trying to fetch data from a false pointer that’s actually a piece of a private key, DMP essentially “leaks” the key to the attacker.

There’s one catch: the hypothetical malware needed for this attack has no access to the cache. We don’t know what DMP loaded there or which RAM address it fetched the data from. However, if a direct attack isn’t possible, there’s still a chance of extracting information through a side channel. What makes this possible is a simple feature of any computer: data loaded into the CPU cache is processed faster than data residing in regular RAM.

Let’s put this attack together. So, we have malware that can feed arbitrary data to the encryption algorithm. The latter loads various data into the cache, including a secret encryption key. DMP sometimes mistakenly fetches data from an address that’s actually a piece of this key. The attacker can find out indirectly that data has been prefetched from a certain address by measuring the time it takes the CPU to access certain pieces of data: if the data was cached, accessing it will be slightly faster than otherwise. This was exactly how the researchers broke the constant-time programming principle: we can feed arbitrary text to the algorithm and watch the processing time vary.

So, is your data at risk?

In practice, extracting an encryption key requires dozens to hundreds of thousands of computing operations as we feed data into the algorithm and indirectly monitor cache status. This is a sure-fire attack, but a very resource-intensive one: stealing a key takes an hour at best — more than ten hours at worst. And for all this time, the computing effort will keep the device running almost at full capacity. The GoFetch website has a video demonstration of the attack, where the private key is extracted bit by bit — literally.

Screenshot from the research demo video.

However, that’s not what makes the attack impractical. We’ve repeatedly mentioned that the attack requires malware to be installed on the victim’s computer. As you can imagine, if this is the case, the data is already compromised by definition. There are likely far simpler ways to get to it at this point. This is the reason why the OpenSSL developers didn’t even consider the researchers’ report: such attacks fall outside their security model.

All studies like this can be compared to civil engineering. To make a structure robust, engineers need to study the characteristics of the materials to be used, the given location’s soil properties, make provisions for the risk of earthquakes, and do many other things. In most cases, even a poorly constructed building will stand for decades without problems. However, a rare combination of circumstances may lead to disaster. Attack scenarios like GoFetch are designed to avert such disasters that lead to mass leaks of user secrets.

The researchers are going to continue studying this fairly new prefetching mechanism. Intel processors also use it starting with the 13th generation, but they have proved immune to the particular attack proposed in the research paper. What’s important is that the vulnerability can’t be patched: it will continue to affect Apple’s M1 and M2 CPUs for their entire lifespan. The only way to prevent this type of attack is by modifying encryption algorithms. One possibility involves restricting the calculations to the CPU’s “energy-efficient” cores, as DMP only works on “high-performance” cores. Another is obfuscating encryption keys before loading them into RAM. A side effect of these methods is performance degradation — but the user would hardly even notice. In turn, Apple M3 CPUs feature a special flag that disables DMP optimization for particularly sensitive operations.

Let’s summarize. There’s no immediate threat to data stored on Apple devices — hardly anyone would try using a technique this complex to steal that data. Nevertheless, the work of these U.S. researchers is still valuable because it sheds some light on hitherto-unknown operating aspects of how the latest CPUs work. Their efforts aim to prevent future problems that might arise if an easier exploit is discovered.


How to tell that what appears to be a message from your boss is actually the beginning of a scam attack | Kaspersky official blog

Imagine getting a call or message from your immediate senior — or maybe even the head honcho of the whole company. They warn you about a nasty situation brewing. It spells fines or some other financial woes for the company, big trouble for your department, and possible dismissal for you personally! Cold sweat trickles down your spine, but there’s still a chance to save the day! You’ll have to hustle and do a few things you don’t usually do, but everything should be alright…

First – hold your horses and take a few deep breaths. There’s a 99% chance this whole “emergency” is completely made up and the person on the line is a scammer. But how do you recognize such an attack and protect yourself?

Anatomy of the attack

These schemes come in dozens of flavors. Scammers may describe various issues faced by your company depending on the particular country, cite involvement of regulators, police, or major business partners, and then suggest all manner of ways to “solve the problem” with your help. Yet there are a number of key points — crucial psychological footholds — without which the attack is next to impossible to carry out. These can be used to recognize the attack for what it is.

The superior’s authority, or simple trust in someone you know. Most people by now have developed a resistance to odd requests from strangers — be it a police officer who’s decided to reach out through instant messaging, or a bank employee personally concerned about your wellbeing. This scheme is different: the person approaching the victim appears to be someone you know to some extent — and a fairly important person at that. Scammers often choose a C-level manager’s profile as bait. First, they have authority; second, chances are the victim knows the person, but not well enough to spot the inevitable differences in speech or writing style. However, there are variations on this scheme where the scammers impersonate a coworker from a relevant department (such as accounting or legal) whom you may not know personally.
Redirection to an external party. In the most primitive cases, the “coworker” or “manager” who reaches out to you is also the person you get a request about money from. Most often though, after the initial contact, the “boss” suggests you discuss the details of the matter with an external contractor who’s about to reach out. Depending on the scheme’s specifics, this “assigned person” may be introduced as a law enforcement or tax officer, bank employee, auditor or similar; i.e., not someone the victim knows. The “boss” will ask you to provide the “designated person” with all the assistance they’ll need and without delay. That said, the most elaborate schemes, such as the one with $25 million stolen following a deepfake video conference, may have the scammers pose as company employees throughout.
A request has to be urgent, so as not to give the victim time to stop and analyze the situation. “The audit is tomorrow”, “the partner’s just arrived”, “the amount gets charged this afternoon”… long story short, you have to act right now. Scammers will often conduct this part of the conversation by phone, telling the victim not to hang up until the money is transferred.
Absolute secrecy. To prevent anyone from interfering with the fraud, the “boss” early on warns the victim that discussing the incident with anyone is strictly forbidden as disclosure would lead to disastrous consequences. The fraudster might say that they’ve no one else to trust, or that some of the other employees are criminals or disloyal to the company. They will generally try to keep the victim from talking to anyone until their demands are met.

Example of a scam email from a fake boss

Objectives of the attack

Depending on the victim’s position and level of income, an attack may pursue different goals. If the victim is authorized by the company to execute financial transactions, the scammers will try to talk them into making an urgent secret payment to a vendor such as a law firm for assistance in solving problems — or just transferring the company’s money to a “safe” account.

Employees who don’t deal with the company’s money can be targeted by attacks that seek to obtain company data such as passwords to internal systems, or their own funds. Scammers may come up with dozens of backstories, ranging from an accounting data leak that jeopardizes the victim’s account, to a need to keep the company’s cash gap closed until an audit is done. In the latter case, the victim is asked to use their own money in some way: transfer it to another account, pay for gift cards or vouchers, or withdraw it and give it to a “trusted person”. For greater persuasiveness, the scammers may promise the victim generous compensation for their expenses and effort — only later.

Convincing level of detail

Social media posts and numerous data leaks have made it much easier for fraudsters to launch carefully prepared, personalized attacks. They can: find the full names of the victim, their immediate senior, the CEO, and employees in the relevant departments (such as accounting), along with the exact department names; and find pictures of these individuals to create convincing instant messaging profiles and, if needed, even voice samples to create audio deepfakes. If there’s big money at stake, the scammers may invest significant time in making the charade as convincing as can be. In some previous cases, attackers even knew the locations of company departments inside buildings and the positions of individual employees’ desks.

Technical side of the attack

Sophisticated schemes like this nearly always include a phone call from the scammers; however, the initial “call from the boss” may also come in the form of an email or instant message. In simpler versions of the attack, the scammers just create a new instant messaging or email account with the manager’s name, while in more sophisticated cases they hack their corporate email or personal accounts. This is called a BEC (business email compromise) attack.

As for phone calls, scammers often use number spoofing services or obtain an illegal copy of the SIM card — the victim’s caller ID then displays the company’s general phone number or even their boss’s own.

Malicious actors may use deepfake voice generators, so a familiar voice on the other end of the line can’t guarantee the caller’s authenticity. Schemes like these may even use video calling where the caller’s face is also a deepfake.

Protecting yourself against scammers

First and foremost, attentiveness and courage to verify the information despite the scammers’ threats are two things that can protect you against this kind of attack.

Take it slow, and don’t panic. The scammers aim to knock you off balance. Keep calm and double-check all the facts. Even if the other party insists you don’t hang up the phone, you can always pretend that the call dropped. This will buy you some time to do more fact-checking.

Pay attention to the sender’s address, phone, and user name. If you’re used to corresponding with your boss by email, but then you suddenly get an instant message in their name from an unfamiliar number, it’s time to prick up your ears. If you’ve always talked on an instant messaging app and you get a new message but there’s no history, this means someone’s using a newly created account, which is a major red flag. Unfortunately, cybercriminals sometimes use fake email addresses that are hard to tell from the real ones, or hacked email or instant messaging accounts. All of this makes detecting forgery much more difficult.

Pay attention to small details. If a person you know approaches you with an odd request, is there anything about the situation that tells you that the person may be an impostor? Do their emails look slightly unusual? Are they using uncharacteristic figures of speech? Do you usually address each other by first names, but they’re using a formal form of address? Try asking them something only the real person could know.

Raise a red flag if you get an unusual request. If your boss or coworker is urgently asking you to do something unusual — and to keep it a secret to boot — this is nearly always a sign of a scam. Therefore, it’s critical that you verify the information you get and confirm the other party’s identity. The least you can do is contact that person using a different channel of communication. Talking in person is best, but if this isn’t a possibility, call their office or home number that you’ve got down in your phone book, or punch in that number manually; don’t just dial the last incoming number — to avoid circling back to the scammers. Use any other channels of communication available. The cell number that called you — even if it’s your boss or coworker’s real number you’ve gotten saved in your phone book — might have been compromised through SIM swapping or simple phone theft.

Check with your coworkers. Despite being asked to “keep it all confidential”, depending on the nature of the request, it doesn’t hurt to verify the information with your coworkers. If you get what appears to be a message from someone in accounting, contact other people in the same department.

Warn your coworkers and law enforcement. If you receive such a message, it means scammers are targeting your organization and coworkers. If their tricks don’t work on you, they’ll try the next department. Warn your coworkers, warn security, and report the attempted scam to the police.
