#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

AMD | Breaking Cybersecurity News | The Hacker News

New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data

New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data

May 08, 2024 Data Encryption / Hardware Security
Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES) algorithm. The techniques have been collectively dubbed  Pathfinder  by a group of academics from the University of California San Diego, Purdue University, UNC Chapel Hill, Georgia Institute of Technology, and Google. "Pathfinder allows attackers to read and manipulate key components of the branch predictor, enabling two main types of attacks: reconstructing program control flow history and launching high-resolution Spectre attacks," Hosein Yavarzadeh, the lead author of the  paper , said in a statement shared with The Hacker News. "This includes extracting secret images from libraries like libjpeg and recovering encryption keys from AES through intermediate value extraction." Spectre is the name given to a  class of side-channel attacks  that exploit  branch prediction
New ZenHammer Attack Bypasses RowHammer Defenses on AMD CPUs

New ZenHammer Attack Bypasses RowHammer Defenses on AMD CPUs

Mar 28, 2024 Hardware Security / Vulnerability
Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR). "This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, which greatly increases the attack surface, considering today's AMD market share of around 36% on x86 desktop CPUs," the researchers  said . The technique has been codenamed  ZenHammer , which can also trigger RowHammer bit flips on DDR5 devices for the first time. RowHammer , first publicly disclosed in 2014, is a  well-known attack  that exploits DRAM's memory cell architecture to alter data by repeatedly accessing a specific row (aka hammering) to cause the electrical charge of a cell to leak to adjacent cells. This can induce random bit flips in neighboring memory rows (from 0 to 1, or vice versa), which can
SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

Dec 09, 2023 Cyber Threat / Hardware Security
Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called  SLAM  that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called  Linear Address Masking  ( LAM ) as well as its analogous counterparts from AMD (called  Upper Address Ignore  or  UAI ) and Arm (called  Top Byte Ignore  or  TBI ). "SLAM exploits unmasked gadgets to let a userland process leak arbitrary ASCII kernel data," VUSec researchers  said , adding it could be leveraged to leak the root password hash within minutes from kernel memory. While LAM is presented as a security feature, the study found that it ironically degrades security and "dramatically" increases the  Spectre attack surface , resulting in a transient execution attack, which exploits  speculative execution  to extract sensitive data via
cyber security

Protecting Your Organization From Insider Threats - All You Need to Know

websiteWing SecuritySaaS Security
Get practical insights and strategies to manage inadequate offboarding and insider risks effectively.
SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike

SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike

May 13, 2024Threat Detection / SoC / SIEM
In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks. The Impact of Alert Fatigue and False Positives  Analysts are overwhelmed with alerts. The knock-on effect of this is that fatigued analysts are at risk of missing key details in incidents, and often conduct time-consuming triaging tasks manually only to end up copying and pasting a generic closing comment into a false positive alert.  It is likely that there will always be false positives. And many would argue that a false positive is better than a false negative. But for proactive actions to be made, we must move closer to the heart of an incident. That requires diving into how analysts conduct the triage and investigation process. SHQ Response Platfo
Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

Nov 15, 2023 Vulnerability / Hardware Security
Intel has released fixes to close out a high-severity flaw codenamed  Reptar  that impacts its desktop, mobile, and server CPUs. Tracked as  CVE-2023-23583  (CVSS score: 8.8), the  issue  has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local access." Successful exploitation of the vulnerability could also permit a bypass of the CPU's security boundaries, according to Google Cloud, which described it as an issue stemming from how redundant prefixes are interpreted by the processor. "The impact of this vulnerability is demonstrated when exploited by an attacker in a multi-tenant virtualized environment, as the exploit on a guest machine causes the host machine to crash resulting in a Denial of Service to other guest machines running on the same host," Google Cloud's Phil Venables  said . "Additionally, the vulnerability could potentially lead to information disclosure or privilege escala
ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors

ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors

Aug 16, 2022
A group of researchers has revealed details of a new vulnerability affecting Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. Dubbed  ÆPIC Leak , the weakness is the first-of-its-kind to architecturally disclose sensitive data in a manner that's akin to an "uninitialized memory read in the CPU itself." "In contrast to transient execution attacks like  Meltdown and Spectre ,  ÆPIC Leak  is an architectural bug: the sensitive data gets directly disclosed without relying on any (noisy) side channel," the academics said. The study was conducted by researchers from the Sapienza University of Rome, the Graz University of Technology, Amazon Web Services, and the CISPA Helmholtz Center for Information Security. The vulnerability ( CVE-2022-21233 , CVSS score: 6.0), which affects CPUs with Sunny Cover microarchitecture, is rooted in a component called Advanced Programmable Interrupt Controller ( APIC ), wh
New Study Finds Most Enterprise Vendors Failing to Mitigate Speculative Execution Attacks

New Study Finds Most Enterprise Vendors Failing to Mitigate Speculative Execution Attacks

Jul 18, 2022
With speculative execution attacks remaining a stubbornly persistent vulnerability ailing modern processors, new research has highlighted an "industry failure" to adopt mitigations released by AMD and Intel, posing a firmware supply chain threat. Dubbed  FirmwareBleed  by Binarly, the information leaking assaults stem from the continued exposure of microarchitectural attack surfaces on the part of enterprise vendors either as a result of not correctly incorporating the fixes or only using them partially. "The impact of such attacks is focused on disclosing the content from privileged memory (including protected by virtualization technologies) to obtain sensitive data from processes running on the same processor (CPU)," the firmware protection firm  said  in a report shared with The Hacker News. "Cloud environments can have a greater impact when a physical server can be shared by multiple users or legal entities." In recent years, implementations of sp
New Hertzbleed Side Channel Attack Affects All Modern AMD and Intel CPUs

New Hertzbleed Side Channel Attack Affects All Modern AMD and Intel CPUs

Jun 15, 2022
A newly discovered security vulnerability in modern Intel and AMD processors could let remote attackers steal encryption keys via a power side channel attack. Dubbed  Hertzbleed  by a group of researchers from the University of Texas, the University of Illinois Urbana-Champaign, and the University of Washington, the issue is rooted in dynamic voltage and frequency scaling ( DVFS ), a power and thermal management feature employed to conserve power and reduce the amount of heat generated by a chip. "The cause is that, under certain circumstances, periodic CPU frequency adjustments depend on the current CPU power consumption, and these adjustments directly translate to execution time differences (as 1 hertz = 1 cycle per second)," the researchers said. This can have significant security implications on cryptographic libraries even when implemented correctly as  constant-time code  to prevent timing-based side channels, effectively enabling an attacker to leverage the execut
Cybersecurity
Expert Insights
Cybersecurity Resources