Stuxnet allegedly has a vicious little brother, or perhaps it is a malicious cousin; the complex malware was likened to being similar to Stuxnet but \u201cmore violent, more advanced and more sophisticated.\u201dIran, according to the Times of Israel, admitted that its \u201cinfrastructure and strategic networks\u201d were hit by a meaner, leaner version of Stuxnet. A TV news report added that the Iranians are \u201cnot admitting, of course, how much damage has been caused.\u201dThe report came after Iranian Supreme Leader Ayatollah Ali Khamenei said Iran needed to step up efforts to fight enemy \u201cinfiltration.\u201d Reuters also reported that Gholamreza Jalali, the head of Iran\u2019s civil defense agency, said, \u201cRecently we discovered a new generation of Stuxnet which consisted of several parts ... and was trying to enter our systems.\u201d Jalali didn\u2019t go into more detail.The Tehran Times later claimed that Jalali\u2019s comments were \u201ctaken out of context with regard to the president\u2019s [President Hassan Rouhani] mobile phone being tapped.\u201d Instead, Jalali was reportedly warning about the risk of unencrypted calls being intercepted.There were no additional details about the capabilities of this destructive \u201cnew generation of Stuxnet;\u201d unsurprisingly, Israel\u2019s Mossad intelligence agency refused to discuss if it played any role in the attack.Iran found CIA spies by Googling site that CIA used to route covert communicationsWe already know how\u00a0\u201cbotched CIA communications\u201d ended up costing the lives of Chinese agents, and now Yahoo News reports that Iranian intelligence officials simply Googled to find the CIA\u2019s communication channel. Using Google, Iran reportedly found numerous websites used by the CIA as covert communications channels, which led to Iran rounding up 30 people earmarked as CIA spies.Thirty more people recruited as CIA agents in China were killed after China allegedly did some Googling to find secret CIA websites that acted as \u201ctransitional\u201d communications.Those compromised sites on the web, which had been indexed by Google, may have also \u201cendangered all CIA sources that used some version of this internet-based system worldwide.\u201dJohn Reidy, a defense contractor, had warned the CIA about the \u201cmassive intelligence failure\u201d dealing with the communications system. For his trouble, his whistleblowing was rewarded by being booted from his job.Irvin McCullough, a national security analyst with the Government Accountability Project, told Yahoo News, \u201cThis is one of the most catastrophic intelligence failures since Sept. 11. And the CIA punished the person who brought the problem to light.\u201dPortSmash: The newest Intel CPU side-channel vulnerabilityThere is yet another vulnerability in Intel processors, specifically the hyperthreading tech, which an attacker could exploit to leak encrypted data. An\u00a0advisory about exploiting simultaneous multi-threading was issued, but an official research paper will be released later. For now, there\u2019s a proof-of-concept exploit posted on GitHub that should \u201cwork out of the box on Skylake and Kaby Lake.\u201dAccording to TechSpot, Billy Bob Brumley, a PortSmash researcher, said, \u201cPortSmash is highly portable, and its prerequisites for execution are minimal, i.e., does not require knowledge of memory cache-lines, eviction sets, machine learning techniques, nor reverse engineering techniques. PortSmash definitely does not need root privileges, just user space.\u201dIntel officials downplayed the threat, claiming, \u201cWe expect that it is not unique to Intel platforms.\u201dCritical Bleeding Bit flaws can compromise enterprise wireless access pointsResearchers from Armis revealed Bleeding Bit, an \u201cundetectable chip level attack\u201d that could be used to compromise Wi-Fi access points from Cisco Systems, Cisco Meraki and Aurba Networks \u2014 those three allegedly account for about 70 percent of the networking market. The two critical chip-level vulnerabilities are related to Bluetooth Low Energy (BLE) chips made by Texas Instruments.Armis warned that the vulnerabilities \u201cendanger enterprises using vulnerable access points in their networks. Beyond access points, the health sector is potentially affected by these vulnerabilities, as the affected BLE chips are used in many medical devices, such as insulin pumps and pacemakers. Even private users might be affected by the vulnerabilities if they use an IoT device that embeds one of the vulnerable chips.\u201dCisco, Aurba, and US-CERT published security advisories.