Security News
The National Intelligence Service in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage attacks. In the cases observed by the NIS, the North Korean adversaries used "living off the land" tactics, which entail abusing legitimate software tools for malicious purposes to evade detection by security products.
A new set of vulnerabilities in 5G modems by Qualcomm and MediaTek, collectively called "5Ghoul," impacts 710 5G smartphone models from Google partners and Apple, routers, and USB modems. The researchers discovered the flaws while experimenting with 5G modem firmware analysis and report that the flaws are easy to exploit over-the-air by impersonating a legitimate 5G base station.
Chipmaker Qualcomm has released more information about three high-severity security flaws that it said came under "limited, targeted exploitation" back in October 2023. The vulnerabilities are as...
At AWS re:Invent, NVIDIA contributed GPUs to Amazon's cloud efforts and added a retriever system to its AI Enterprise Software platform on AWS Marketplace. Amazon Web Services announced an AI chatbot for enterprise use, new generations of its AI training chips, expanded partnerships and more during AWS re:Invent, held from November 27 to December 1, in Las Vegas.
Intel on Tuesday issued an out-of-band security update to address a privilege escalation vulnerability in recent server and personal computer chips. The flaw, designated INTEL-SA-00950 and given a CVSS 3.0 score of 8.8 out of 10, affects Intel Sapphire Rapids, Alder Lake, and Raptor Lake chip families.
Intel has been sued by a handful of PC buyers who claim the x86 goliath failed to act when informed five years ago about faulty chip instructions that allowed the recent Downfall vulnerability, and during that period sold billions of insecure chips. The lawsuit [PDF], filed on behalf of five plaintiffs in a US federal court in San Jose, California, claims Intel knew about the susceptibility of its AVX instruction set to side-channel attacks since 2018, but didn't fix the defect until the disclosure of the Downfall hole this year, leaving affected computer buyers with no other option than to apply a patch that slows performance by as much as 50 percent.
Unlike other CPU fuzzers, Cascade can construct long random programs that manage the control flow during execution. What separates Cascade from similar tools is that it relies on a technique called asymmetric ISA pre-simulation.
The implication, made explicit by the thesis index that references the footnote as "Cavium CPU backdoor," is that Cavium secretly compromised some of its chips to accommodate US intelligence efforts, providing a way for snoops to somehow access devices powered by those semiconductors. "Marvell places the highest priority on the security of its products," a spokesperson told The Register.
AMD has started issuing some patches for its processors affected by a serious silicon-level bug dubbed Zenbleed that can be exploited by rogue users and malware to steal passwords, cryptographic keys, and other secrets from software running on a vulnerable system. Exploiting Zenbleed involves abusing speculative execution, though unlike the related Spectre family of design flaws, the bug is pretty easy to exploit.
Cold boot attacks, in which memory chips can be chilled and data including encryption keys plundered, were demonstrated way back in 2008 - but they just got automated. The presentation focuses on a Cryo-Mechanical RAM Content Extraction Robot that Cui and colleagues Grant Skipper and Yuanzhe Wu developed to collect decrypted data from DDR3 memory modules.