Cyber security news for all

More

    Speculative execution vulnerability in Intel processors

    The serious gap can be found in the so-called converged security and management engine, the part of the hardware that is responsible for securing the hardware on the firmware that runs on systems with an Intel drive. Intel’s management engine is responsible for the initial authentication of Intel-based systems by loading and checking all other firmwares for modern platforms.

    Intel’s CSME Also Forms The Cryptographic Basis For Hardware

    Security technologies that are developed by Intel and used everywhere: This applies among other things to Intel’s own identity protection.

    Reports of security vulnerabilities in virtually all current processors and chipsets have now come to light in quick succession. This affects both Intel and AMD.

    According to security researchers, AMD is a gap in the processors, about which the manufacturer was informed in summer. Specifically, all current AMD processors are said to have been affected.

    The error itself was revealed by the reverse engineering of the prediction mechanism of the L1 cache of the corresponding processors, whereby the researchers claim that attacks via JavaScript were successful. The attacks are said to expose some meta-data, but are not too critical.

    Intel has told security experts that the vulnerability is already known and efforts are being made to close all possible attack vectors. According to the experts, this will be a very large task due to the depth of the problem: Intel believes that there are many ways to exploit this vulnerability in ROM. However, many of the attack scenarios require direct access to the systems. Intel currently tells that special hardware is required to use it. The actual impact of the security vulnerability is currently difficult to assess as usual, but experience has shown that panic is also not appropriate, especially for private users.

    Recent Articles

    Hackers stole thousands of passport data in Argentina

    In response to millions of dollars ransom refused by the Argentine Immigration Service, a ransomware group released passport data from hundreds of thousands of...

    USA wants to improve cybersecurity of space systems

    CISA has published a table this week that summarizes Chinese activities against cybersecurity. Some attacks have succeeded and enabled hackers to gain a foothold...

    Unknown attackers had access to personal data of Warner Music

    Warner Music Group has admitted a security incident in which customers card details were stolen in some of the company's online stores. Warner Music...

    Donald Trump wants to force a sale of TikTok to Microsoft

    It was recently announced that President Donald Trump plans to prohibit business with the owners of TikTok by decree. The American head of state...

    PIN protection is cracked for contactless payments

    Contactless payments by card only works up to typically 30 dollars without a PIN. The PIN is actually  requested for high payments. This is...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox