FreshRSS

🔒
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
△ 🔃
There are new available articles, click to refresh the page.
☐ ☆ ✇ The Hacker News

New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data

By: Newsroom — May 8th 2024 at 14:17
Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES) algorithm. The techniques have been collectively dubbed Pathfinder by a group of academics from the University of California San Diego, Purdue University, UNC Chapel
☐ ☆ ✇ The Hacker News

New ZenHammer Attack Bypasses RowHammer Defenses on AMD CPUs

By: Newsroom — March 28th 2024 at 14:20
Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR). "This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, which greatly increases the attack
☐ ☆ ✇ The Hacker News

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

By: Newsroom — December 9th 2023 at 11:52
Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called Linear Address Masking (LAM) as well as its analogous
☐ ☆ ✇ The Hacker News

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

By: Newsroom — November 15th 2023 at 07:52
Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local access." Successful exploitation of the vulnerability could also permit a bypass of the CPU's
☐ ☆ ✇ The Hacker News

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

By: Newsroom — November 14th 2023 at 18:40
A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has been codenamed CacheWarp (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security and the
☐ ☆ ✇ The Hacker News

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

By: THN — August 9th 2023 at 15:39
Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power (CVE-2023-20583), Downfall (CVE-2022-40982), and Inception (CVE-2023-20569), the novel methods follow the disclosure of another newly discovered security vulnerability affecting AMD's Zen 2 architecture-based processors known as 
❌