Connect with us
Experts presented two Meltdown like attacks on AMD CPUs at once Experts presented two Meltdown like attacks on AMD CPUs at once

Security

Experts presented two Meltdown-like attacks on AMD CPUs at once

Published

on

The attacks have the same consequences as Meltdown, to which AMD processors were previously considered invulnerable.

Over the past two months, experts have published as many as two studies on side-channel attacks on AMD processors. The attacks have the same consequences as the infamous Meltdown attack, to which AMD processors were previously considered invulnerable.

In general terms, Meltdown allows malicious applications to abuse speculative execution in order to break down the barrier between applications and the operating system kernel.

How explained Specialists, the attack allows a malicious application to steal sensitive information from the kernel, such as passwords, encryption keys, and user data that applications should not have access to under normal conditions.

Initially, the authors of Meltdown reported that their attack only works on Intel processors, but not on AMD, since the speculative execution function works differently in them. As it became known after some time, ARM processors are also susceptible to the attack, but AMD was still considered invulnerable.

Nevertheless, almost three years later, Dresden Technical specialists found a method of attacking AMD processors, which he described as a Meltdown-like technique.

This month was published a second study describing yet another way to carry out a Meltdown-like attack on AMD. The authors of the attack are three researchers who developed the original Meltdown attack in 2018. The method is based on the use of x86 PREFETCH instructions and in the same way allows you to steal data from the kernel space.

AMD has acknowledged the validity of both studies and confirmed that all AMD processors are vulnerable. However, it did not release any firmware updates (vulnerabilities were identified by CVE-2020-12965 and CVE-2021-26318), and urged software developers to follow the secure coding methodology.

Click to comment

Leave a Reply

Your email address will not be published.

Phones

Apple has reported a possible vulnerability in the operating systems of the iPhone and iPad

Published

on

Apple has reported a possible vulnerability in the operating systems

A vulnerability has been discovered in the operating systems of iPhones and iPads that could give hackers full administrative access to devices. It is in the core of the system and in the engine for displaying WebKit web pages. As noted, the problem has been fixed in the latest firmware versions.

Apple has reported a possible vulnerability in the operating systems of the iPhone and iPad

The media talked about this, and also said that some “anonymous researchers” helped discover the company’s vulnerability, but Apple did not disclose details.

As follows from the report, attackers could run applications with administrator privileges and act on behalf of the owner of the device. The issue affected iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). This affected the iOS 15.6.1 and iPadOS 15.6.1 operating systems.

The company’s technical support has already stated that the problem has been fixed, and independent experts have stated that they recommend updating the OS to the latest current version.

The full iOS 16 update will be released in September, and watchOS 9 for smartwatches is also expected. But the new version of iPadOS will appear later, like macOS Ventura.

Continue Reading

Security

NASA intends to “in full force” to investigate UFOs – this will be done by specialists in aerospace security and artificial intelligence

Published

on

NASA intends to in full force to investigate UFOs

NASA is seriously planning to do research on UFOs. The agency announced this in June, and now there are new details. The research will be led by astrophysicist David Spergel, president of the Simons Foundation in New York. The group will also include 15-17 of the world’s leading scientists, including aerospace security experts and artificial intelligence specialists.

NASA intends to

The formation of the group is planned to be completed by October. The project itself is designed for 9 months, and the cost of research will be about $100,000.

According to Daniel Evans, spokesman for the Agency’s Science Mission Directorate (SMD), NASA intends to study the phenomenon “in full force”. At the same time, the agency tries to avoid the term UFO, instead using the concept of “unidentified aerial phenomena” (UAP).

Evans noted that NASA has a unique opportunity for such work. He also stated that other agencies do not enjoy such public confidence. The aim of the project is to classify the available UAP data and find ways to monitor it.

Earlier, NASA launched a service that shows how the human voice sounds on Mars.

Continue Reading

Security

Is Elon Musk’s Satellite Internet Under Threat? Enthusiast Hacked Starlink User Terminal

Published

on

Is Elon Musks Satellite Internet Under Threat Enthusiast Hacked Starlink

At the Black Hat Security Technology Conference recently held in Las Vegas, Lennert Wouters, a cybersecurity specialist from KU Leuven (Belgium), shared his experience of successfully hacking Starlink user equipment. True, this was not a classic software hack, since the researcher had to make a so-called “modchip”.

Is Elon Musk's Satellite Internet Under Threat?  Enthusiast Hacked Starlink User Terminal

The cost of manufacturing a chip connected to a Starlink subscriber terminal was $25. The chip caused a short-term short circuit, which disabled the built-in protection systems, after which the specialist gained access to the terminal. And already from it you can run any commands.

Is Elon Musk's Satellite Internet Under Threat?  Enthusiast Hacked Starlink User Terminal

Our attack could render Starlink user terminals unusable and allow us to execute arbitrary code.”Wouters said.

Is Elon Musk's Satellite Internet Under Threat?  Enthusiast Hacked Starlink User Terminal

This is what the Starlink terminal looks like

According to the researcher, the only reliable way to avoid such an attack is to create a new version of the main “dish” chip. Other ways to fix the problem. However, this hacking option provides direct access to subscriber equipment, and this is not the easiest option, but the Starlink system, apparently, is well protected from remote hacking. So its users hardly need to worry.

Continue Reading

Most Popular