#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

ARM | Breaking Cybersecurity News | The Hacker News

Category — ARM
New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data

New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data

Jul 02, 2024 Hardware Security / Vulnerability
Modern CPUs from Intel, including Raptor Lake and Alder Lake, have been found vulnerable to a new side-channel attack that could be exploited to leak sensitive information from the processors. The attack, codenamed Indirector by security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen, leverages shortcomings identified in Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB) to bypass existing defenses and compromise the security of the CPUs. "The Indirect Branch Predictor (IBP) is a hardware component in modern CPUs that predicts the target addresses of indirect branches," the researchers noted . "Indirect branches are control flow instructions whose target address is computed at runtime, making them challenging to predict accurately. The IBP uses a combination of global history and branch address to predict the target address of indirect branches." The idea, at its core, is to identify vulnerabilities in IBP to launch precise Branch T...
Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

Jun 11, 2024 Mobile Security / Technology
Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild. Tracked as CVE-2024-4610 , the use-after-free issue impacts the following products - Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0) Valhall GPU Kernel Driver (all versions from r34p0 to r40p0) "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory," the company said in an advisory last week. The vulnerability has been addressed in Bifrost and Valhall GPU Kernel Driver r41p0. It's worth noting that this version was released on November 24, 2022. The current version of the drivers is r49p0, which was shipped in April 2024. When reached for comment, Arm told The Hacker News that while it was addressed in 2022, it was provided additional information that reclassified the problem as a security vulnerability. "In 2022 Arm fixed a weakness in the r41p0 re...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

Dec 09, 2023 Cyber Threat / Hardware Security
Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called  SLAM  that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called  Linear Address Masking  ( LAM ) as well as its analogous counterparts from AMD (called  Upper Address Ignore  or  UAI ) and Arm (called  Top Byte Ignore  or  TBI ). "SLAM exploits unmasked gadgets to let a userland process leak arbitrary ASCII kernel data," VUSec researchers  said , adding it could be leveraged to leak the root password hash within minutes from kernel memory. While LAM is presented as a security feature, the study found that it ironically degrades security and "dramatically" increases the  Spectre attack surface , resulting in a transient execution attack, which exploits  speculati...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation

Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation

Oct 03, 2023 Cyber Attack / Vulnerability
Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as  CVE-2023-4211 , the shortcoming impacts the following driver versions - Midgard GPU Kernel Driver: All versions from r12p0 - r32p0 Bifrost GPU Kernel Driver: All versions from r0p0 - r42p0 Valhall GPU Kernel Driver: All versions from r19p0 - r42p0 Arm 5th Gen GPU Architecture Kernel Driver: All versions from r41p0 - r42p0 "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory," Arm  said  in a Monday advisory. "There is evidence that this vulnerability may be under limited, targeted exploitation." The issue, credited to Maddie Stone of Google's Threat Analysis Group (TAG) and Jann Horn of Google Project Zero, has been addressed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r43p0. Google, in its own monthly  Androi...
Japan's Softbank buys semiconductor giant ARM for $32 Billion in Cash

Japan's Softbank buys semiconductor giant ARM for $32 Billion in Cash

Jul 18, 2016
Japanese telecommunication giant SoftBank has confirmed that the company intends to acquire UK chip designer ARM Holdings for almost $32 Billion (£24.3 Billion) in an all-cash deal. ARM has also agreed to this offer from SoftBank and said that its board would recommend the all-cash deal to shareholders. SoftBank will pay nearly $22.5 per ARM share, which is 43 percent more than ARM's closing share price on Friday and 41 percent more than ARM's all-time high closing share price. The deal is the largest-ever acquisition of a European technology business, first reported by The Financial Times. Wondering Why is ARM really Worth $32 Billion? Founded in 1990, Cambridge-based ARM Holdings designs microchips for a variety of smartphones and powers more than 95 percent of the smartphones in the market. Whether it is Apple's iPhones or iPads, Samsung's Galaxy smartphones, Amazon's Kindle e-readers, the cheapest Nokia phones or Internet-connected devices li...
Expert Insights / Articles Videos
Cybersecurity Resources