Security News

One more reason for Apple to dump Intel processors: Another SGX, kernel data-leak flaw unearthed by experts
2020-11-10 18:00

Boffins based in Austria, Germany, and the UK have identified yet another data-leaking side-channel flaw affecting Intel processors, and potentially other chips, that exposes cryptographic secrets in memory. The paper describes a way to extract confidential data from devices by measuring power consumption fluctuations in Intel chips from Sandy Bridge onward using just software and without the need to physically wire instruments to machines.

Another month, another way to smash Intel's SGX security. Let's take a closer look at these latest holes...
2020-06-10 23:04

Intel's Software Guard Extensions, known as SGX among friends, consist of a set of instructions for running a secure enclave inside an encrypted memory partition using certain Intel microprocessors. Sadly for Intel and those who depend on its technology, security researchers keep finding flaws in SGX. On Tuesday, two separate sets of boffins published papers describing SGX vulnerabilities, but they're not really quite as bad as is claimed.

New 'CacheOut' Attack Leaks Data from Intel CPUs, VMs and SGX Enclave
2020-01-28 08:36

If your computer is running any modern Intel CPU built before October 2018, it's likely vulnerable to a newly discovered hardware issue that could allow attackers to leak sensitive data from the OS kernel, co-resident virtual machines, and even from Intel's secured SGX enclave. Dubbed CacheOut a.k.a. L1 Data Eviction Sampling and assigned CVE-2020-0549, the new microarchitectural attack allows an attacker to choose which data to leak from the CPU's L1 Cache, unlike previously demonstrated MDS attacks where attackers need to wait for the targeted data to be available.

To protect data and code in the age of hybrid cloud, you can always turn to Intel SGX
2019-12-24 07:00

A gentle guide to enclaves and trusted execution environments Sponsored Data and code are the lifeblood of digital organisations, and increasingly these are shared with others in order to achieve...

New PlunderVolt Attack Targets Intel SGX Enclaves by Tweaking CPU Voltage
2019-12-11 01:32

A team of cybersecurity researchers demonstrated a novel yet another technique to hijack Intel SGX, a hardware-isolated trusted space on modern Intel CPUs that encrypts extremely sensitive data to...

Intel might want to reconsider the G part of SGX – because it's been plunderstruck
2019-12-10 18:00

I was caught in the middle of a memory attack, and I knew there was no turning back Intel on Tuesday plans to release 11 security advisories, including a microcode firmware update to patch a...

Fortanix Releases Open Source SDK for Intel SGX Enclaves
2019-03-06 19:01

Runtime encryption company Fortanix has launched a free and open source software development kit (SDK) for building Intel Software Guard Extensions (SGX) applications. read more

Fortanix launches Rust-based SDK for Intel SGX applications
2019-03-04 18:11

Fortanix launched its Enclave Development Platform (EDP) at RSA Conference. The Fortanix EDP provides a native Rust-based SDK to write Intel Software Guard Extensions (Intel SGX) enclaves. The...

Intel SGX Card Extends Memory Protections to Existing Cloud Servers
2019-02-28 06:47

Intel and its partners this week made several cybersecurity-related announcements, including the launch of new silicon-enabled products and tools. read more

Intel: Let's talk about SGX, baby. Let's talk about 2U and me. Let's talk about all the good things, and the bad...
2019-02-27 22:20

Chipzilla rips sticker off his graphics accelerator, switches off GPU, now you're a security wizard, Harry! RSA Intel is touting a PCIe card packed with SGX tech to plug into servers, plus some...