Kim Crawley
The cybersecurity industry is all abuzz over a recently discovered and very scary exploit, a devastating new Cold Boot vulnerability. Cold Boot attacks occur when sensitive data remains available for cyber attackers to copy from a computer’s RAM because the machine wasn’t shut down properly, such as through an ACPI cold boot or a hard shutdown after the system powers off. Now a new cold boot exploit has been found and people are understandably concerned. There’s good news and bad news about it.
Don’t you want to read the good news first? Here it is. Cold Boot attacks have been largely prevented through security hardening since their initial discovery in 2008. Most PCs that OEMs have produced since then are careful to remove data from RAM during the shutdown process. And in order for a cyber attacker to exploit this recently discovered Cold Boot vulnerability, they need physical access to the target machine and about five minutes to perform the attack. So this attack cannot be conducted over the internet and the cyber attacker can’t do it instantaneously. There’s a bit of a time window to catch them in the process.
Now’s the time for me to be a Debbie Downer. Here’s the bad news. This newly discovered vulnerability affects the majority of PCs, including those produced after 2008. It even affects PCs that have been produced this year. Most modern laptops are vulnerable, including models from Lenovo, Dell, and even Apple. Laptops from HP, Toshiba, Sony, and many other popular OEMs are probably affected too.

The only recent MacBooks and iMacs that are safe from the recently discovered exploit are those with a T2 chip. According to Apple, iMac Pros and MacBook Pros from 2018 have the T2 chip. If your Apple Mac model doesn’t have “Pro” in its name, or if it does have “Pro” in its name but it predates 2018, it’s probably still Cold Boot vulnerable.

The data that a cyber attacker can acquire from the RAM of an affected Windows PC or Mac could contain very, very sensitive information, such as authentication data and cryptographic keys, even if you encrypt your hard drive through your operating system. That sort of data can be used by a cyber attacker to help establish administrative access to your computer and possibly to your local network as well. There are many possibilities for destruction if that sort of data falls into the wrong hands.

A cyber attacker with physical access to your machine can acquire the data if you put the machine into sleep mode. Only a total shutdown or hibernate may be safe. The security hardening performed since 2008 really only works reliably if a total shutdown or hibernate is performed. That’s the big, scary news in a nutshell.
Security consultant Olle Segerdahl said:
“It’s not exactly easy to do, but it’s not a hard enough issue to find and exploit for us to ignore the probability that some attackers have already figured this out. It’s not exactly the kind of thing that attackers looking for easy targets will use. But it is the kind of thing that attackers looking for bigger phish, like a bank or large enterprise, will know how to use.”
Security hardening against this exploit is going to be really tricky, a major uphill battle. There’s no patch so far. Segerdahl added:
“When you think about all the different computers from all the different companies and combine that with the challenges of convincing people to update, it’s a really difficult problem to solve easily. It will take the kind of coordinated industry response that doesn’t happen overnight. In the meantime, companies will need to manage on their own.”
Until a patch can be deployed, security researchers recommend that all affected PCs be put into hibernate or shut down when unattended by the user. Windows users should be required to enter their BitLocker PIN when they boot or restart their PCs. Microsoft has a page with a list of BitLocker countermeasures that can be deployed to make Windows PCs a little more secure.
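One way to audit a Windows PC against the two recommendations above (a pre-boot BitLocker PIN, and no unattended sleep) is sketched below. This is an added example, not from the researchers or Microsoft; the function names are hypothetical, and it assumes the last two `0x` values printed by `powercfg /query` are the current AC and DC setting indexes.

```powershell
# Added example. Run from an elevated PowerShell session on the PC being audited.

function Get-PowerSettingIndex {
    param([string]$SubGroup, [string]$Setting)
    # Assumption: the last two 0x values in the output are the current
    # AC (plugged in) and DC (battery) indexes, in that order.
    $text = (powercfg /query SCHEME_CURRENT $SubGroup $Setting) -join "`n"
    $hex  = @([regex]::Matches($text, '0x[0-9a-fA-F]{8}') |
              ForEach-Object { [Convert]::ToUInt32($_.Value, 16) })
    if ($hex.Count -lt 2) { return $null }
    [pscustomobject]@{ AC = $hex[-2]; DC = $hex[-1] }
}

function Test-ColdBootMitigation {
    # Key protectors on the OS volume. TpmPin or TpmPinStartupKey means the
    # user must type a PIN before the volume key is released at boot.
    $vol   = Get-BitLockerVolume -MountPoint $env:SystemDrive
    $types = @($vol.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })

    # Lid close action: 0 = do nothing, 1 = sleep, 2 = hibernate, 3 = shut down.
    $lid  = Get-PowerSettingIndex SUB_BUTTONS LIDACTION
    # Idle sleep timeout in seconds; 0 means the PC never sleeps on its own.
    $idle = Get-PowerSettingIndex SUB_SLEEP STANDBYIDLE

    [pscustomobject]@{
        OsVolumeProtected = ($vol.ProtectionStatus -eq 'On')
        KeyProtectors     = $types -join ', '
        PreBootPin        = [bool]($types -match '^TpmPin')
        LidCloseSleeps    = ($lid.AC -eq 1 -or $lid.DC -eq 1)
        IdleSleepEnabled  = ($idle.AC -gt 0 -or $idle.DC -gt 0)
    }
}

Test-ColdBootMitigation | Format-List
```

A machine that follows the guidance reports `PreBootPin` as True and both `LidCloseSleeps` and `IdleSleepEnabled` as False.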
Olle Segerdahl presented these worrisome findings during a Swedish conference on September 13th. More information may be presented at Microsoft’s security conference on September 27th.
Tags: Cyber Security