Cyber security news for all

More

    Speculative execution vulnerability in Intel processors

    The serious gap can be found in the so-called converged security and management engine, the part of the hardware that is responsible for securing the hardware on the firmware that runs on systems with an Intel drive. Intel’s management engine is responsible for the initial authentication of Intel-based systems by loading and checking all other firmwares for modern platforms.

    Intel’s CSME Also Forms The Cryptographic Basis For Hardware

    Security technologies that are developed by Intel and used everywhere: This applies among other things to Intel’s own identity protection.

    Reports of security vulnerabilities in virtually all current processors and chipsets have now come to light in quick succession. This affects both Intel and AMD.

    According to security researchers, AMD is a gap in the processors, about which the manufacturer was informed in summer. Specifically, all current AMD processors are said to have been affected.

    The error itself was revealed by the reverse engineering of the prediction mechanism of the L1 cache of the corresponding processors, whereby the researchers claim that attacks via JavaScript were successful. The attacks are said to expose some meta-data, but are not too critical.

    Intel has told security experts that the vulnerability is already known and efforts are being made to close all possible attack vectors. According to the experts, this will be a very large task due to the depth of the problem: Intel believes that there are many ways to exploit this vulnerability in ROM. However, many of the attack scenarios require direct access to the systems. Intel currently tells that special hardware is required to use it. The actual impact of the security vulnerability is currently difficult to assess as usual, but experience has shown that panic is also not appropriate, especially for private users.

    Recent Articles

    TikTok has fixed a serious security gap issue

    TikTok accounts paid a researcher a reward of 4000 dollars after he reported two vulnerabilities as part of a disclosure. A combination of both...

    Passwords should be changed for Fortinet VPNs

    Administrators should change the access for Fortinet VPNs in use. Log-in information for almost 50,000 VPN networks has appeared in various cyber blogs. A security...

    Twitter confirmed to bring back account verification

    Twitter is bringing back verifications for the account verification in the beginning of 2021. Certain users will then be given a control mark again,...

    350,000 Spotify users were hacked

    At the beginning of July this year, security researchers discovered an unsecured database that contained access and other information from 350,000 Spotify users. Spotify...

    Europol sees artificial intelligence as a dangerous cyber threat

    Cyber criminals can use intelligence to carry out attacks more easily and thus cause more damage. Europol is warning of this in a joint...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox