Security News
Intel on Monday informed customers that researchers have identified yet another speculative execution attack method that can be launched against systems that use its processors. The disclosure of the Meltdown and Spectre vulnerabilities back in January 2018 paved the way for the discovery of several speculative execution side-channel attack methods impacting modern processors.
If your computer is running any modern Intel CPU built before October 2018, it's likely vulnerable to a newly discovered hardware issue that could allow attackers to leak sensitive data from the OS kernel, co-resident virtual machines, and even from Intel's secured SGX enclave. Dubbed CacheOut a.k.a. L1 Data Eviction Sampling and assigned CVE-2020-0549, the new microarchitectural attack allows an attacker to choose which data to leak from the CPU's L1 Cache, unlike previously demonstrated MDS attacks where attackers need to wait for the targeted data to be available.
Oracle has released its first Critical Patch Update for 2020, which includes a total of 334 new security patches across multiple product families. The company notes that 40 of the new patches address critical issues.
'Sir, they're about to disclose the vulns!' 'Damn it. Accelerate the rollout!' How does Microsoft mitigate the risk of speculative-execution bugs on its Azure platform? The US goliath is unwilling...
The Intel attack uses a similar technique that gamers commonly use to overclock their CPUs.
A team of cybersecurity researchers demonstrated a novel yet another technique to hijack Intel SGX, a hardware-isolated trusted space on modern Intel CPUs that encrypts extremely sensitive data to...
Zombieload is back. This time a new variant (v2) of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise...
Researchers have disclosed a new variant of the attack method dubbed ZombieLoad, which appears to also impact Intel CPUs that are not affected by the first variant of ZombieLoad. read more
A new attack on Intel server-grade CPUs could allow the leakage of SSH passwords - but luckily it's not easy to exploit.
Unlike previous side-channel vulnerabilities disclosed in Intel CPUs, researchers have discovered a new flaw that can be exploited remotely over the network without requiring an attacker to have...