Security News

If your computer is running any modern Intel CPU built before October 2018, it's likely vulnerable to a newly discovered hardware issue that could allow attackers to leak sensitive data from the OS kernel, co-resident virtual machines, and even from Intel's secured SGX enclave. Dubbed CacheOut a.k.a. L1 Data Eviction Sampling and assigned CVE-2020-0549, the new microarchitectural attack allows an attacker to choose which data to leak from the CPU's L1 Cache, unlike previously demonstrated MDS attacks where attackers need to wait for the targeted data to be available.

Intel is warning of a high-severity vulnerability in its performance analysis tool called Intel VTune Profiler. "Improper access control in driver for Intel VTune Amplifier for Windows before update 8 may allow an authenticated user to potentially enable escalation of privilege via local access," according to an Intel security update.

Ping An Insurance announced that Ping An Technology and Intel signed a strategic collaboration agreement in Shenzhen, China. The two companies plan to establish a joint laboratory, cooperate on products and technology, and form a joint project team in areas of high-performance computing, including storage, network, cloud, artificial intelligence and security.

A gentle guide to enclaves and trusted execution environments Sponsored Data and code are the lifeblood of digital organisations, and increasingly these are shared with others in order to achieve...

A vulnerability Intel has addressed in the Rapid Storage Technology (RST) could allow a local user to escalate privileges to System. Intel RST is a Windows-based application that is provided with...

A newly disclosed attack method targeting Intel processors employs voltage modifications to expose data protected using Intel's Software Guard Extensions (SGX). read more

A newly disclosed attack targeting Intel processors utilizes CPU voltage modifications to expose data stored using Intel's Secure Guard Extensions (SGX).  read more

The Intel attack uses a similar technique that gamers commonly use to overclock their CPUs.

Dropping Voltage to CPUs Can Force Sensitive Data DisclosureIntel issued a firmware update on Tuesday to mitigate an attack developed by researchers, dubbed Plundervolt, which uses voltage...

Intel Labs unveiled what is believed to be a first-of-its-kind cryogenic control chip — code-named “Horse Ridge” — that will speed up development of full-stack quantum computing systems. Horse...