Intel Server Chipsets | Breaking Cybersecurity News | The Hacker News

A team of cybersecurity researchers today disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based Intel TPMs. Trusted Platform Module (TPM) is a specialized hardware or firmware-based security solution that has been designed to store and protect sensitive information from attackers even when your operating system gets compromised. TMP technology is being used widely by billion of desktops, laptops, servers, smartphones, and even by Internet-of-Things (IoT) devices to protect encryption keys, passwords, and digital certificates. Collectively dubbed as TPM-Fail , both newly found vulnerabilities, as listed below, leverage a timing-based side-channel attack to recover cryptographic keys that are otherwise supposed to remain safely inside the chips. CVE-2019-11090 : Intel fTPM vulnerabilities CVE-2019-16863 : STMicroelectronics...

Don't install Intel's patches for Spectre and Meltdown chip vulnerabilities. Intel on Monday warned that you should stop deploying its current versions of Spectre/Meltdown patches , which Linux creator Linus Torvalds calls 'complete and utter garbage.' Spectre and Meltdown are security vulnerabilities disclosed by researchers earlier this month in many processors from Intel, ARM and AMD used in modern PCs, servers and smartphones (among other devices), which could allow attackers to steal your passwords, encryption keys and other private information. Since last week, users are reporting that they are facing issues like spontaneous reboots and other 'unpredictable' system behaviour on their affected computers after installing Spectre/Meltdown patch released by Intel. Keeping these problems in mind, Intel has advised OEMs, cloud service providers, system manufacturers, software vendors as well as end users to stop deploying the current versions of it...

Updated: Since the below-reported vulnerability is highly critical and it would take a few weeks for sysadmins to protect their enterprise network, the research team has not yet disclosed the technical details of the vulnerability. Meanwhile, I have talked with Maksim Malyutin, a member of Embedi research team who discovered the vulnerability in March, and updated my article based on the information provided by him. A critical vulnerability has been discovered in the remote management features on computers shipped with Intel processors for past seven years (and not decade), which could allow attackers to take control of the computers remotely, affecting all Intel systems, including PC, laptops, and servers, with AMT feature enabled. As reported earlier, this critical flaw (CVE-2017-5689) is not a remote code execution, rather Malyutin confirmed to The Hacker News that it's a logical vulnerability that also gives remote attackers an opportunity to exploit this bug using add...

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...