Security News

Targeting the specific sub-class of side-channel attacks against cache carried out by shared software, TimeCache is claimed to offer perfect protection with a tiny performance impact, while keeping all of the lovely benefits of sharing things in the first place. "Our defence against timing side channels through shared software retains the benefits of allowing processes to utilise the entire cache capacity of a shared cache," the pair explained in a paper presented at the ACM/IEEE 48th Annual International Symposium on Computer Architecture.

A new research has yielded yet another means to pilfer sensitive data by exploiting what's the first "On-chip, cross-core" side-channel attack targeting the ring interconnect used in Intel Coffee Lake and Skylake processors. While information leakage attacks targeting the CPU microarchitecture have been previously demonstrated to break the isolation between user applications and the operating system, allowing a malicious program to access memory used by other programs, the new attack leverages a contention on the ring interconnect.

A team of researchers from universities in the United States, Australia and Israel has demonstrated that attackers could launch browser-based side-channel attacks that do not require JavaScript, and they've tested the method on a wide range of platforms, including devices that use Apple's recently introduced M1 chip. The researchers - representing the Ben-Gurion University of the Negev, the University of Michigan and the University of Adelaide - have published a paper on what they have described as the first browser side-channel attack that uses only CSS and HTML, and works even if JavaScript is completely disabled.

A team of researchers from the University of Illinois at Urbana-Champaign has published a paper detailing a new side-channel attack method that can be launched against devices with Intel CPUs. Following the disclosure of the Meltdown and Spectre vulnerabilities back in January 2018, researchers have increasingly focused on finding CPU side-channel attack methods - and in many cases they have been successful.

Intel processors are vulnerable to a new side-channel attack, which researchers said can allow attackers to steal sensitive information such as encryption keys or passwords. In their research paper [PDF]: "Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical," researchers said the attack is unique because it works in spite of some previous side-channel defenses.

An international team of security researchers is presenting new side-channel attacks, which use fluctuations in software power consumption to access sensitive data on Intel CPUs. Power side-channel attacks are attacks that exploit fluctuations in power consumption to extract sensitive data such as cryptographic keys.

Sharing its findings with The Hacker News, a group of academics from the Graz University of Technology and CISPA Helmholtz Center for Information Security finally revealed the exact reason behind why the kernel addresses are cached in the first place, as well as presented several new attacks that exploit the previously unidentified underlying issue, allowing attackers to sniff out sensitive data. The new research explains microarchitectural attacks were actually caused by speculative dereferencing of user-space registers in the kernel, which not just impacts the most recent Intel CPUs with the latest hardware mitigations, but also several modern processors from ARM, IBM, and AMD - previously believed to be unaffected.

Since measuring the time taken to execute cryptographic algorithms is crucial to carrying out a timing attack and consequently leak information, the jitter on the network path from the attacker to the server can make it impractical to successfully exploit timing side-channels that rely on a small difference in execution time. The new method, called Timeless Timing Attacks by researchers from DistriNet Research Group and New York University Abu Dhabi, instead leverages multiplexing of network protocols and concurrent execution by applications, thus making the attacks immune to network conditions.

Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments. The second line of attack, dubbed CrossTalk by researchers from the VU University Amsterdam, enables attacker-controlled code executing on one CPU core to target SGX enclaves running on a completely different core, and determine the enclave's private keys.

AMD processors sold between 2011 and 2019 are vulnerable to two side-channel attacks that can extract kernel data and secrets, according to a new research paper. In a paper [PDF] titled, "Take A Way: Exploring the Security Implications of AMD's Cache Way Predictors," six boffins - Moritz Lipp, Vedad Hadžić, Michael Schwarz, and Daniel Gruss, Clémentine Maurice, and Arthur Perais - explain how they reverse-engineered AMD's L1D cache way predictor to expose sensitive data in memory.