#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

amd processor | Breaking Cybersecurity News | The Hacker News

Category — amd processor
New Exploit Bypasses Existing Spectre-V2 Mitigations in Intel, AMD, Arm CPUs

New Exploit Bypasses Existing Spectre-V2 Mitigations in Intel, AMD, Arm CPUs

Mar 10, 2022
Researchers have disclosed a new technique that could be used to circumvent existing hardware mitigations in modern processors from Intel, AMD, and Arm, and stage  speculative execution  attacks such as Spectre to leak sensitive information from host memory. Attacks like  Spectre  are designed to break the isolation between different applications by taking advantage of an  optimization technique  called speculative execution in CPU hardware implementations to trick programs into accessing arbitrary locations in memory and thus leak their secrets. While chipmakers have incorporated both software and hardware  defenses , including  Retpoline  as well as safeguards like Enhanced Indirect Branch Restricted Speculation ( eIBRS ) and  Arm   CSV2 , the latest method demonstrated by VUSec researchers aims to get around all these protections. Called  Branch History Injection  (BHI or Spectre-BHB), it's a new variant of Spectre-V2 attacks (tracked as CVE-2017-5715) that bypasses both e
 New Noise-Resilient Attack On Intel and AMD CPUs Makes Flush-based Attacks Effective

New Noise-Resilient Attack On Intel and AMD CPUs Makes Flush-based Attacks Effective

May 30, 2020
Modern Intel and AMD processors are susceptible to a new form of side-channel attack that makes flush-based cache attacks resilient to system noise, newly published research shared with The Hacker News has revealed. The findings are from a paper " DABANGG: Time for Fearless Flush based Cache Attacks " published by a pair of researchers, Biswabandan Panda and Anish Saxena, from the Indian Institute of Technology (IIT) Kanpur earlier this week. Dubbed " Dabangg " (meaning fearless), the approach builds upon the Flush+Reload and Flush+Flush attacks, which have been exploited previously by other researchers to leak data from Intel CPUs. However, the new variant aims to improve the accuracy of these attacks even in a noisy multi-core system. It also works seamlessly against non-Linux Operating Systems, like macOS. "Like any other cache attacks, flush based cache attacks rely on the calibration of cache latency," Biswabandan Panda, assistant profes
9 Steps to Get CTEM on Your 2025 Budgetary Radar

9 Steps to Get CTEM on Your 2025 Budgetary Radar

Nov 06, 2024Threat Management / Business Continuity
Budget season is upon us, and everyone in your organization is vying for their slice of the pie. Every year, every department has a pet project that they present as absolutely essential to profitability, business continuity, and quite possibly the future of humanity itself. And no doubt that some of these actually may be mission critical. But as cybersecurity professionals, we understand that the rollout of a viable CTEM ( Continuous Threat Exposure Management ) program actually is . In any year, cybersecurity investments are tough budgetary sells – they're hard to quantify and don't always clearly drive revenues or cut costs. In today's belt-tightening climate, all the more so. Even though cybersecurity budgets will likely grow this year according to Forrester, it's still important to make sure today that CTEM doesn't slip down the budget priority list.  In this article, we'll discuss how to keep CTEM on the budgetary radar. But First – Here are Some Reasons Why CTEM is Objectiv
9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks

9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks

Mar 09, 2020
AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research. Known as " Take A Way ," the new potential attack vectors leverage the L1 data (L1D) cache way predictor in AMD's Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption. The research was published by a group of academics from the Graz University of Technology and Research Institute of Computer Science and Random Systems (IRISA), who responsibly disclosed the vulnerabilities to AMD back in August 2019. "We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way," AMD said in an advisory posted on its website over the weekend
cyber security

AWS EKS Security Best Practices [Cheat Sheet]

websiteWiz.ioCloud Security / Kubernetes
Unlock this one-stop resource for mastering EKS security best practices and safeguarding your cloud-native applications.
7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs

7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs

Nov 14, 2018
Disclosed earlier this year, potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processors proven that speculative execution attacks can be exploited in a trivial way to access highly sensitive information. Since then, several more variants of speculative execution attacks have been discovered, including Spectre-NG , SpectreRSB, Spectre 1.1, Spectre1.2, TLBleed , Lazy FP , NetSpectre and Foreshadow , patches for which were released by affected vendors time-to-time. Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues, otherwise discarded. Now, the same team of cybersecurity researchers who discovered original Meltdown and Spectre vulnerabilities have uncovered 7 new transient execution attacks affecting 3 major processor vendors—Intel, AMD, ARM. W
8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUs

8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUs

May 05, 2018
A team of security researchers has reportedly discovered a total of eight new " Spectre-class " vulnerabilities in Intel CPUs, which also affect at least a small number of ARM processors and may impact AMD processor architecture as well. Dubbed Spectre-Next Generation , or Spectre-NG , the partial details of the vulnerabilities were first leaked to journalists at German computer magazine Heise, which claims that Intel has classified four of the new vulnerabilities as "high risk" and remaining four as "medium." The new CPU flaws reportedly originate from the same design issue that caused the original Spectre flaw , but the report claims one of the newly discovered flaws allows attackers with access to a virtual machine (VM) to easily target the host system, making it potentially more threatening than the original Spectre vulnerability. "Alternatively, it could attack the VMs of other customers running on the same server. Passwords and secret k
13 Critical Flaws Discovered in AMD Ryzen and EPYC Processors

13 Critical Flaws Discovered in AMD Ryzen and EPYC Processors

Mar 13, 2018
Security researchers claimed to have discovered 13 critical Spectre/Meltdown -like vulnerabilities throughout AMD's Ryzen and EPYC lines of processors that could allow attackers to access sensitive data, install persistent malware inside the chip, and gain full access to the compromised systems. All these vulnerabilities reside in the secure part of the AMD's Zen architecture processors and chipsets—typically where device stores sensitive information such as passwords and encryption keys and makes sure nothing malicious is running when you start your PC. The alleged vulnerabilities are categorized into four classes—RYZENFALL, FALLOUT, CHIMERA, and MASTERKEY—and threaten wide-range of servers, workstations, and laptops running vulnerable AMD Ryzen, Ryzen Pro, Ryzen Mobile or EPYC processors. Discovered by a team of researchers at Israel-based CTS-Labs, newly disclosed  unpatched vulnerabilities defeat AMD's Secure Encrypted Virtualization (SEV) technology and could
Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors

Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors

Jan 04, 2018
Unlike the initial reports suggested about Intel chips being vulnerable to some severe 'memory leaking' flaws, full technical details about the vulnerabilities have now been emerged, which revealed that almost every modern processor since 1995 is vulnerable to the issues. Disclosed today by Google Project Zero , the vulnerabilities potentially impact all major CPUs, including those from AMD, ARM, and Intel—threatening almost all PCs, laptops, tablets, and smartphones, regardless of manufacturer or operating system. These hardware vulnerabilities have been categorized into two attacks , named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715), which could allow attackers to steal sensitive data which is currently processed on the computer. Both attacks take advantage of a feature in chips known as "speculative execution," a technique used by most modern CPUs to optimize performance. "In order to improve performance, many CPUs may choose t
Cybersecurity
Expert Insights / Articles Videos
Cybersecurity Resources