Security News
Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments. The second line of attack, dubbed CrossTalk by researchers from the VU University Amsterdam, enables attacker-controlled code executing on one CPU core to target SGX enclaves running on a completely different core, and determine the enclave's private keys.
AMD processors sold between 2011 and 2019 are vulnerable to two side-channel attacks that can extract kernel data and secrets, according to a new research paper. In a paper [PDF] titled, "Take A Way: Exploring the Security Implications of AMD's Cache Way Predictors," six boffins - Moritz Lipp, Vedad Hadžić, Michael Schwarz, and Daniel Gruss, Clémentine Maurice, and Arthur Perais - explain how they reverse-engineered AMD's L1D cache way predictor to expose sensitive data in memory.
AMD processors sold between 2011 and 2019 are vulnerable to two side-channel attacks that can extract kernel data and secrets, according to a new research paper. In a paper [PDF] titled, "Take A Way: Exploring the Security Implications of AMD's Cache Way Predictors," six boffins - Moritz Lipp, Vedad Hadžić, Michael Schwarz, and Daniel Gruss, Clémentine Maurice, and Arthur Perais - explain how they reverse-engineered AMD's L1D cache way predictor to expose sensitive data in memory.
AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research. Known as "Take A Way," the new potential attack vectors leverage the L1 data cache way predictor in AMD's Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption.
AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research. Known as "Take A Way," the new potential attack vectors leverage the L1 data cache way predictor in AMD's Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption.
Purdue University innovators have unveiled technology that is 100 times more resilient to electromagnetic and power attacks, to stop side-channel attacks against IoT devices. Recent attacks have shown that such side-channel attacks can happen in just a few minutes from a short distance away.
'Sir, they're about to disclose the vulns!' 'Damn it. Accelerate the rollout!' How does Microsoft mitigate the risk of speculative-execution bugs on its Azure platform? The US goliath is unwilling...
Mirror, mirror on the wall, which is the worst side-channel vulnerability of them all?
Not that serious, but interesting: In late 2011, Intel introduced a performance enhancement to its line of server processors that allowed network cards and other peripherals to connect directly to...
Several high-security electronic locks are vulnerable to side-channel attacks involving power monitoring....