New PlunderVolt Attack Targets Intel SGX Enclaves by Tweaking CPU Voltage

A team of cybersecurity researchers demonstrated a novel yet another technique to hijack Intel SGX, a hardware-isolated trusted space on modern Intel CPUs that encrypts extremely sensitive data to shield it from attackers even when a system gets compromised. Dubbed Plundervolt and tracked as CVE-2019-11157, the attack relies on the fact that modern processors allow frequency and voltage to beSource...

Continuar lendo

New ZombieLoad v2 Attack Affects Intel’s Latest Cascade Lake CPUs

Zombieload is back. This time a new variant (v2) of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants (RIDL and Fallout). Initially discovered in May this year, ZombieLoad is one of the three novel types of microarchitectural dataSource...

Continuar lendo

NetCAT: New Attack Lets Hackers Remotely Steal Data From Intel CPUs

Unlike previous side-channel vulnerabilities disclosed in Intel CPUs, researchers have discovered a new flaw that can be exploited remotely over the network without requiring an attacker to have physical access or any malware installed on a targeted computer. Dubbed NetCAT, short for Network Cache ATtack, the new network-based side-channel vulnerability could allow a remote attacker to sniffSource...

Continuar lendo

SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

A new variant of the Spectre (Variant 1) side-channel vulnerability has been discovered that affects modern Intel CPUs which leverage speculative-execution, and some AMD processors as well, Microsoft and Red Hat warn. Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory,Source...

Continuar lendo