speculative execution attack | Breaking Cybersecurity News | The Hacker News

With speculative execution attacks remaining a stubbornly persistent vulnerability ailing modern processors, new research has highlighted an "industry failure" to adopt mitigations released by AMD and Intel, posing a firmware supply chain threat. Dubbed  FirmwareBleed  by Binarly, the information leaking assaults stem from the continued exposure of microarchitectural attack surfaces on the part of enterprise vendors either as a result of not correctly incorporating the fixes or only using them partially. "The impact of such attacks is focused on disclosing the content from privileged memory (including protected by virtualization technologies) to obtain sensitive data from processes running on the same processor (CPU)," the firmware protection firm  said  in a report shared with The Hacker News. "Cloud environments can have a greater impact when a physical server can be shared by multiple users or legal entities." In recent years, implementations of sp

Security researchers have uncovered yet another vulnerability affecting numerous older AMD and Intel microprocessors that could bypass current defenses and result in Spectre-based speculative-execution attacks. Dubbed  Retbleed  by ETH Zurich researchers Johannes Wikner and Kaveh Razavi, the issue is tracked as CVE-2022-29900 (AMD) and CVE-2022-29901 (Intel), with the chipmakers  releasing   software   mitigations  as part of a coordinated disclosure process. Retbleed is also the latest addition to a class of  Spectre attacks  known as Spectre-BTI (CVE-2017-5715 or Spectre-V2), which exploit the side effects of an optimization technique called  speculative execution  by means of a timing side channel to trick a program into accessing arbitrary locations in its memory space and leak private information. Speculative execution attempts to fill the instruction pipeline of a program by predicting which instruction will be executed next in order to gain a performance boost, while also u

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

It turns out that the root cause behind several previously disclosed speculative execution attacks against modern processors, such as Meltdown and Foreshadow , was misattributed to 'prefetching effect,' resulting in hardware vendors releasing incomplete mitigations and countermeasures. Sharing its findings with The Hacker News, a group of academics from the Graz University of Technology and CISPA Helmholtz Center for Information Security finally revealed the exact reason behind why the kernel addresses are cached in the first place, as well as presented several new attacks that exploit the previously unidentified underlying issue, allowing attackers to sniff out sensitive data. The new research explains microarchitectural attacks were actually caused by speculative dereferencing of user-space registers in the kernel, which not just impacts the most recent Intel CPUs with the latest hardware mitigations, but also several modern processors from ARM, IBM, and AMD — previou

A new variant of the Spectre (Variant 1)  side-channel vulnerability has been discovered that affects all  modern Intel CPUs , and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned. Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory, including passwords, tokens, and encryption keys, that would otherwise be inaccessible. Speculative execution is a core component of modern microprocessor design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues, otherwise discarded. Such speculative executions also have side effects that are not restored when the CPU state is unwound, leading to information disclosure, which can then be accessed using side-channel attacks . Microsof

Disclosed earlier this year, potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processors proven that speculative execution attacks can be exploited in a trivial way to access highly sensitive information. Since then, several more variants of speculative execution attacks have been discovered, including Spectre-NG , SpectreRSB, Spectre 1.1, Spectre1.2, TLBleed , Lazy FP , NetSpectre and Foreshadow , patches for which were released by affected vendors time-to-time. Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues, otherwise discarded. Now, the same team of cybersecurity researchers who discovered original Meltdown and Spectre vulnerabilities have uncovered 7 new transient execution attacks affecting 3 major processor vendors—Intel, AMD, ARM. W