Security News
Microsoft and Intel have been working together on a new approach to malware detection that involves deep learning and the representation of malware as images. Referred to as STAtic Malware-as-Image Network Analysis, the research leverages Intel's previous work on static malware classification through deep transfer learning and applies it to a real-world dataset from Microsoft to determine its practical value.
Topics on the agenda include threat intel on advanced persistent threats, new vulnerability research, and topics related to a post-crisis world - such as how the industry is changing because of the pandemic. "Hiding in Plain Sight: An APT Comes into a Market" on Tuesday will feature Kaspersky researchers Alexey Firsh and Lev Pikman opening the kimono on previously undisclosed threat intelligence regarding a nation-state cybercriminal group.
Intel has stomped out high-severity flaws in its Next Unit Computing mini PC firmware, and in its Modular Server MFS2600KISPP Compute Module. Discontinuation Notice for MFS2600KISPP. One of the high-severity flaws stems from a compute module used in Intel's modular server system, which is a blade system for Intel motherboards and processors first introduced in 2008.
Intel's March security updates reached its customers this week and on the face of it, the dominant theme is the bundle of flaws affecting the company's Graphics drivers. The star flaw of the month is CVE 29, the Load Value Injection weakness publicised this week by a diverse group of mainly academic security researchers.
Computer scientists at KU Leuven have once again exposed a security flaw in Intel processors. Plundervolt, Zombieload, Foreshadow: in the past couple of years, Intel has had to issue quite a few patches for vulnerabilities that computer scientists at KU Leuven have helped to expose.
Intel this week released patches for more than two dozen vulnerabilities impacting graphics drivers, FPGA, processors, NUC, BlueZ, and other products. The chip maker patched a total of 17 vulnerabilities in its graphics drivers, the most important of which is a buffer overflow that could result in denial of service.
Intel has posted a fresh crop of firmware updates for security flaws in its chipsets. An information-disclosure flaw in data forwarding for Intel processors prompted an advisory and firmware update, as did the already disclosed LVI design flaw.
Intel develops graphics drivers for Windows OS to communicate with specific Intel graphics devices, for instance. Sys file of the graphics drivers, which could enable privilege escalation or DoS; and an improper conditions check glitch in the graphic driver that may enable information disclosure and DoS. It's not the first time flaws have been discovered in discovered in Intel's graphics drivers.
Many processors made by Intel are vulnerable to a newly disclosed type of attack named Load Value Injection, but the chip maker has told customers that the attack is not very practical in real world environments. A variation of the LVI attack, dubbed Load Value Injection in the Line Fill Buffers, was also reported to Intel by researchers at Bitdefender.
Chipzilla's processors, already weighed down by defenses deployed against side-channel attacks over the past two years, could get slower still if they try to thwart this latest vulnerability: prototype compiler changes, for full mitigation, have produced performance reductions ranging from 2x to 19x. That's because LVI protection involves compiler and assembler updates that insert extra x86 instructions and replace problematic instructions with functionally equivalent but more verbose instruction sequences. "Being essentially a 'reverse Meltdown'-type attack, LVI abuses that a faulting or assisted load instruction executed within a victim domain does not always yield the expected result, but may instead transiently forward dummy values or data from various microarchitectural buffers."