Security News

Browser Side-Channel Flaw De-Anonymizes Facebook Data
2018-06-01 20:47

An attacker can pick up the profile picture, username and the "likes" of unsuspecting visitors who find themselves landing on a malicious website.

Intel shrugs off ‘new’ side-channel attacks on branch prediction units and SGX
2018-04-01 00:00

Been there, mitigated that, got the class actions, says Chipzilla Intel’s shrugged off two new allegations of design flaws that enable side-channel attacks.…

Intel offers to pay for Spectre-like side channel vulnerabilities
2018-02-16 13:00

Intel is expanding the bug bounty program it started last March, and is raising considerably the awards it plans to give out for helpful vulnerability information. Where information about critical...

Intel Offers $250,000 for Side-Channel Exploits
2018-02-15 12:04

Intel Opens Bug Bounty Program to All Researchers, Offers up to $250,000 for Flaws Similar to Meltdown and Spectre read more

Side-Channel Attack on Libgcrypt Allows RSA Key Recovery (Security Week)
2017-07-05 07:00

The developers of Libgcrypt, the cryptographic library used by the GNU Privacy Guard (GnuPG) implementation of the OpenPGP standard, released an update last week to prevent side-channel attacks...

Another Side-Channel Attack on PC Encryption (Schneier on Security)
2016-06-07 19:59

New paper: "Physical Key Extraction Attacks on PCs," by Daniel Genkin, Lev Pachmanov, Itamar Pipman, Adi Shamir, and Eran Tromer. They recover keys acoustically, from the high-frequency "coil...