Security News

A hacker can reproduce a circuit on a chip by discovering what key transistors are doing in a circuit - but not if the transistor "Type" is undetectable. How chip manufacturers choose to make this transistor design compatible with their processes would determine the availability of this level of security.

Intel unveiled Horse Ridge II, its second-generation cryogenic control chip, marking another milestone in the company's progress toward overcoming scalability, one of quantum computing's biggest hurdles. Building on innovations in the first-generation Horse Ridge controller introduced in 2019, Horse Ridge II supports enhanced capabilities and higher levels of integration for elegant control of the quantum system.

Industrial automation and Industrial IoT chip maker Advantech confirmed a ransomware attack that hit its network and led to the theft of confidential, albeit low-value, company documents. The Conti operators behind the attack on Advantech's network have set a ransom of 750 BTC for full data decryption and for removing stolen data from their servers according to a chat log seen by BleepingComputer.

Industrial automation and Industrial IoT chip maker Advantech confirmed a ransomware attack that hit its network and led to the theft of confidential, albeit low-value, company documents. The Conti operators behind the attack on Advantech's network have set a ransom of 750 BTC for full data decryption and for removing stolen data from their servers according to a chat log seen by BleepingComputer.

IBM Power9 processors, intended for data centers and mainframes, are potentially vulnerable to abuse of their speculative execution capability. On Thursday IBM published a security advisory that explains, "IBM Power9 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances."

"In a nutshell, Microsoft is handing over a processor design, with the firmware, to our three biggest silicon providers for the PC ecosystem. And we think this is really going to raise the fundamental security bar almost immediately, both for consumers and enterprises. This is something across the board that is just going to be part and parcel of our products, and really push us forward into the next years in terms of what security looks like," Microsoft's partner director of enterprise and OS security David Weston told TechRepublic. "You can turn off Pluton and go with a conventional TPM. There will be some RFPs that say, 'to get onto this secret network you've got to have this', and there are different geographies across the world where they have a specific security process that they expect. Pluton keeps its security capabilities, and it manages its own when it's enabled, but it can definitely work in concert with other security processors or it can be turned off, and that choice is something we explicitly designed in."

Apple this week unveiled its new M1 chip and the company has provided a brief description of its security features. The tech giant told SecurityWeek that it will detail the M1's security features in the coming weeks.

Plundervolt is a software-based attack on recent Intel processors running SGX enclaves that lowers the voltage to induce faults or errors that allow the recovery of secrets like encryption keys. Half the point of SGX is to protect sensitive code and data from rogue server administrators when said servers are out of reach and in someone else's data center - such as a cloud provider's - and yet it is possible for someone at a cloud provider with physical access to a box to jolt an Intel processor into breaking its SGX protections.

Plundervolt is a software-based attack on recent Intel processors running SGX enclaves that lowers the voltage to induce faults or errors that allow the recovery of secrets like encryption keys. Half the point of SGX is to protect sensitive code and data from rogue server administrators when said servers are out of reach and in someone else's data center - such as a cloud provider's - and yet it is possible for someone at a cloud provider with physical access to a box to jolt an Intel processor into breaking its SGX protections.

One such feature is called Intel Total Memory Encryption, which Intel said helps ensure that all memory accessed from the CPU is encrypted - such as customer credentials, encryption keys and other IP or personal information on the external memory bus. The Intel Platform Firmware Resilience will be part of the Xeon Scalable platform, which Intel claims will help protect against platform firmware attacks by detecting them before they can compromise or disable the machine.