Security News

New ZenHammer Attack Bypasses RowHammer Defenses on AMD CPUs
2024-03-28 14:44

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2...

New ZenHammer memory attack impacts AMD Zen CPUs
2024-03-25 16:00

Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips. The ZenHammer attack was developed by researchers at public research university ETH Zurich, who shared their technical paper with BleepingComputer.

New GoFetch attack on Apple Silicon CPUs can steal crypto keys
2024-03-22 15:01

A new side-channel attack called "GoFetch" impacts Apple M1, M2, and M3 processors and can be used to steal secret cryptographic keys from data in the CPU's cache. The attack targets constant-time cryptographic implementations using data memory-dependent prefetchers found in modern Apple CPUs.

Oracle warns that macOS 14.4 update breaks Java on Apple CPUs
2024-03-19 16:52

Oracle warned Apple customers to delay installing the latest macOS 14.4 Sonoma update because it will break Java on ARM-based Macs. According to Garcia-Ribeyro, since the Java Virtual Machine uses dynamic code generation and accesses memory in protected memory regions to ensure correctness and performance, its process will be terminated after deploying the macOS 14.4 update.

GhostRace – New Data Leak Vulnerability Affects Modern CPUs
2024-03-15 17:46

A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the...

New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
2024-01-18 16:31

Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a...

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs
2023-12-09 11:52

Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and...

New SLAM attack steals sensitive data from AMD, future Intel CPUs
2023-12-07 00:52

Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from the kernel memory. Short for Spectre based on LAM, the SLAM attack was discovered by researchers at Systems and Network Security Group at Vrije Universiteit Amsterdam, who demonstrated its validity by emulating the upcoming LAM feature from Intel on a last-generation Ubuntu system.

Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw
2023-11-15 19:24

Citrix has released hotfixes for two vulnerabilities impacting Citrix Hypervisor, one of them being the "Reptar" high-severity flaw that affects Intel CPUs for desktop and server systems. "Although this is not an issue in the Citrix Hypervisor product itself, we have included updated Intel microcode to mitigate this CPU hardware issue," reads the advisory.

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
2023-11-15 07:52

Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the...