Intel | Breaking Cybersecurity News | The Hacker News

A security flaw impacting the Lighttpd web server used in baseboard management controllers ( BMCs ) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal. While the original shortcoming was  discovered and patched  by the Lighttpd maintainers way back in August 2018 with  version 1.4.51 , the lack of a CVE identifier or an advisory meant that it was overlooked by developers of AMI MegaRAC BMC, ultimately ending up in products made by Intel and Lenovo. Lighttpd  (pronounced "Lighty") is an open-source high-performance web server software designed for speed, security, and flexibility, while optimized for high-performance environments without consuming a lot of system resources. The silent fix for Lighttpd concerns an out-of-bounds read vulnerability that could be exploited to exfiltrate sensitive data, such as process memory addresses, thereby allowing threat actors to bypass crucial security mechanisms like address space layout ra

Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called  SLAM  that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called  Linear Address Masking  ( LAM ) as well as its analogous counterparts from AMD (called  Upper Address Ignore  or  UAI ) and Arm (called  Top Byte Ignore  or  TBI ). "SLAM exploits unmasked gadgets to let a userland process leak arbitrary ASCII kernel data," VUSec researchers  said , adding it could be leveraged to leak the root password hash within minutes from kernel memory. While LAM is presented as a security feature, the study found that it ironically degrades security and "dramatically" increases the  Spectre attack surface , resulting in a transient execution attack, which exploits  speculative execution  to extract sensitive data via

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Intel has released fixes to close out a high-severity flaw codenamed  Reptar  that impacts its desktop, mobile, and server CPUs. Tracked as  CVE-2023-23583  (CVSS score: 8.8), the  issue  has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local access." Successful exploitation of the vulnerability could also permit a bypass of the CPU's security boundaries, according to Google Cloud, which described it as an issue stemming from how redundant prefixes are interpreted by the processor. "The impact of this vulnerability is demonstrated when exploited by an attacker in a multi-tenant virtualized environment, as the exploit on a guest machine causes the host machine to crash resulting in a Denial of Service to other guest machines running on the same host," Google Cloud's Phil Venables  said . "Additionally, the vulnerability could potentially lead to information disclosure or privilege escala

Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called  Collide+Power  ( CVE-2023-20583 ),  Downfall  ( CVE-2022-40982 ), and  Inception  ( CVE-2023-20569 ), the novel methods follow the disclosure of another newly discovered security vulnerability affecting AMD's Zen 2 architecture-based processors known as  Zenbleed  (CVE-2023-20593). "Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers,"  Daniel Moghimi , senior research scientist at Google,  said . "This vulnerability [...] enables a user to access and steal data from other users who share the same computer." In a hypothetical attack scenario, a malicious app installed on a device could weaponize the method to steal sensitive information like passwords and encryption keys, effectively undermining Intel's Software Guard eXtensions ( SGX

The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code signing keys on their dark website. "Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem," Alex Matrosov, founder and CEO of firmware security firm Binarly,  said  in a tweet over the weekend. "It appears that Intel Boot Guard may not be effective on certain devices based on the 11th Tiger Lake, 12th Adler Lake, and 13th Raptor Lake." Present in the leaked data are firmware image signing keys associated with 57 PCs and private signing keys for Intel Boot Guard used on 116 MSI products. The Boot Guard keys from MSI are believed to impact several device vendors, including Intel, Lenovo and Supermicro. Intel Boot Guard is a  hardware-based security technology  that's designed to protect computers against executing tampered UEFI firmware. The development comes a month after MSI  fell victim  to a double

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday  added  three flaws to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active abuse in the wild. Included among the three is  CVE-2022-24990 , a bug affecting TerraMaster network-attached storage (TNAS) devices that could lead to unauthenticated remote code execution with the highest privileges. Details about the flaw were  disclosed  by Ethiopian cyber security research firm Octagon Networks in March 2022. The vulnerability, according to a  joint advisory  released by U.S. and South Korean government authorities, is said to have been weaponized by North Korean nation-state hackers to strike healthcare and critical infrastructure entities with ransomware. The second shortcoming to be added to KEV catalog is  CVE-2015-2291 , an unspecified flaw in the Intel ethernet diagnostics driver for Windows (IQVW32.sys and IQVW64.sys) that could throw an affected device into a denial-of-service

Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week. The published content contains Unified Extensible Firmware Interface ( UEFI ) code for  Alder Lake , the company's 12th generation processors that was originally launched in November 2021. In a statement shared with Tom's Hardware, Intel  said  the leak doesn't expose "any new security vulnerabilities as we do not rely on obfuscation of information as a security measure." It's also encouraging the broader security research community to report any potential issues through its  bug bounty program , adding it's reaching out to customers to notify them of the matter. Besides the UEFI code, the leaked data dump includes a plethora of files and tools, some of which appear to come from firmware vendor Insyde Software. Exact details surrounding the nature of the hack, inclu

A group of researchers has revealed details of a new vulnerability affecting Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. Dubbed  ÆPIC Leak , the weakness is the first-of-its-kind to architecturally disclose sensitive data in a manner that's akin to an "uninitialized memory read in the CPU itself." "In contrast to transient execution attacks like  Meltdown and Spectre ,  ÆPIC Leak  is an architectural bug: the sensitive data gets directly disclosed without relying on any (noisy) side channel," the academics said. The study was conducted by researchers from the Sapienza University of Rome, the Graz University of Technology, Amazon Web Services, and the CISPA Helmholtz Center for Information Security. The vulnerability ( CVE-2022-21233 , CVSS score: 6.0), which affects CPUs with Sunny Cover microarchitecture, is rooted in a component called Advanced Programmable Interrupt Controller ( APIC ), wh

With speculative execution attacks remaining a stubbornly persistent vulnerability ailing modern processors, new research has highlighted an "industry failure" to adopt mitigations released by AMD and Intel, posing a firmware supply chain threat. Dubbed  FirmwareBleed  by Binarly, the information leaking assaults stem from the continued exposure of microarchitectural attack surfaces on the part of enterprise vendors either as a result of not correctly incorporating the fixes or only using them partially. "The impact of such attacks is focused on disclosing the content from privileged memory (including protected by virtualization technologies) to obtain sensitive data from processes running on the same processor (CPU)," the firmware protection firm  said  in a report shared with The Hacker News. "Cloud environments can have a greater impact when a physical server can be shared by multiple users or legal entities." In recent years, implementations of sp

A newly discovered security vulnerability in modern Intel and AMD processors could let remote attackers steal encryption keys via a power side channel attack. Dubbed  Hertzbleed  by a group of researchers from the University of Texas, the University of Illinois Urbana-Champaign, and the University of Washington, the issue is rooted in dynamic voltage and frequency scaling ( DVFS ), a power and thermal management feature employed to conserve power and reduce the amount of heat generated by a chip. "The cause is that, under certain circumstances, periodic CPU frequency adjustments depend on the current CPU power consumption, and these adjustments directly translate to execution time differences (as 1 hertz = 1 cycle per second)," the researchers said. This can have significant security implications on cryptographic libraries even when implemented correctly as  constant-time code  to prevent timing-based side channels, effectively enabling an attacker to leverage the execut

Researchers have disclosed a new technique that could be used to circumvent existing hardware mitigations in modern processors from Intel, AMD, and Arm, and stage  speculative execution  attacks such as Spectre to leak sensitive information from host memory. Attacks like  Spectre  are designed to break the isolation between different applications by taking advantage of an  optimization technique  called speculative execution in CPU hardware implementations to trick programs into accessing arbitrary locations in memory and thus leak their secrets. While chipmakers have incorporated both software and hardware  defenses , including  Retpoline  as well as safeguards like Enhanced Indirect Branch Restricted Speculation ( eIBRS ) and  Arm   CSV2 , the latest method demonstrated by VUSec researchers aims to get around all these protections. Called  Branch History Injection  (BHI or Spectre-BHB), it's a new variant of Spectre-V2 attacks (tracked as CVE-2017-5715) that bypasses both e

A new research has yielded yet another means to pilfer sensitive data by exploiting what's the first "on-chip, cross-core" side-channel attack targeting the ring interconnect used in Intel Coffee Lake and Skylake processors. Published by a group of academics from the University of Illinois at Urbana-Champaign, the  findings  are expected to be presented at the USENIX Security Symposium coming this August. While information leakage attacks targeting the CPU microarchitecture have been previously demonstrated to break the isolation between user applications and the operating system, allowing a malicious program to access memory used by other programs (e.g., Meltdown and Spectre), the new attack leverages a contention on the ring interconnect. SoC  Ring interconnect  is an on-die bus arranged in a ring topology which enables intra-process communication between different components (aka agents) such as the cores, the last level cache (LLC), the graphics unit, and the syst

Intel and Cybereason have partnered to build anti-ransomware defenses into the chipmaker's newly announced 11th generation Core  vPro  business-class processors. The hardware-based security enhancements are baked into Intel's vPro platform via its  Hardware Shield  and  Threat Detection Technology  (TDT), enabling profiling and detection of ransomware and other threats that have an impact on the CPU performance. "The joint solution represents the first instance where PC hardware plays a direct role in ransomware defenses to better protect enterprise endpoints from costly attacks," Cybereason  said . Exclusive to vPro, Intel Hardware Shield provides protections against firmware-level attacks targeting the  BIOS , thereby ensuring that the operating system (OS) runs on legitimate hardware as well as minimizing the risk of malicious code injection by locking down memory in the BIOS when the software is running to help prevent planted malware from compromising the OS

It appears there is no end in sight to the hardware level security vulnerabilities in Intel processors, as well as to the endless 'performance killing' patches that resolve them. Modern Intel CPUs have now been found vulnerable to a new attack that involves reversely exploiting Meltdown-type data leak vulnerabilities to bypass existing defenses, two separate teams of researchers told The Hacker News. Tracked as CVE-2020-0551 , dubbed " Load Value Injection in the Line Fill Buffers" or LVI-LFB for short, the new speculative-execution attack could let a less privileged attacker steal sensitive information—encryption keys or passwords—from the protected memory and subsequently, take significant control over a targeted system. According to experts at Bitdefender and academic researchers from a couple of universities, the new attack is particularly devastating in multi-tenant environments such as enterprise workstations or cloud servers in the datacenter. And

AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research. Known as " Take A Way ," the new potential attack vectors leverage the L1 data (L1D) cache way predictor in AMD's Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption. The research was published by a group of academics from the Graz University of Technology and Research Institute of Computer Science and Random Systems (IRISA), who responsibly disclosed the vulnerabilities to AMD back in August 2019. "We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way," AMD said in an advisory posted on its website over the weekend

Google has reportedly suspended all businesses with the world's second-biggest smartphone maker, Huawei, and revoked its Android license effective immediately—a move that will have a drastic impact on Huawei devices across the globe. Revoking Android license means Huawei future smartphones will no longer have access to Android updates and apps like Gmail or the Play Store, as well as Google technical support beyond services that are publicly available via open source licensing, Reuters report. Why? That's because last week, U.S. President Donald Trump signed an executive order declaring a national emergency banning foreign companies—over surveillance fear—from doing telecommunication business in the United States without the government's approval. About the executive order, White House Press Secretary Sarah Sanders said in a statement that President Trump "has made it clear that this Administration will do what it takes to keep America safe and prosperous, an