TLBleed attack can extract signing keys

new side-channel attack abuses the Hyper-Threading feature of Intel chips and can extract signing keys with near-perfect accuracy. New attack TLBleed, takes advantage of the translation lookaside buffer cache of Intel chips. If exploited, TLBleed can allow an attacker to extract the secret 256-bit key used to sign programs, with a success rate of 99.8% … Continue reading TLBleed attack can extract signing keys →

Racist machine

— source propublica.org

Oh government is controlling

Security and Privacy in a Hyper-connected World Bruce Schneier, Security Expert

NSA Denies Prior Knowledge Of Meltdown, Spectre Exploits

Rob Joyce, White House cybersecurity coordinator, told Washington Post, “NSA did not know about the flaw, has not exploited it and certainly the U.S. government would never put a major company like Intel in a position of risk like this to try to hold open a vulnerability.” Current and former U.S. officials also said the … Continue reading NSA Denies Prior Knowledge Of Meltdown, Spectre Exploits →

Cyberattack Shows Vulnerability of Gas Pipeline Network

A cyberattack on a shared data network forced four of the nation’s natural-gas pipeline operators to temporarily shut down computer communications with their customers over the last week. No gas service was interrupted, the companies said, and the interruption of customer transactions was merely a precaution. It was unclear whether any customer data was stolen. … Continue reading Cyberattack Shows Vulnerability of Gas Pipeline Network →

Intel did not tell U.S. cyber officials about chip flaws until made public

Intel Corp did not inform U.S. cyber security officials of the so-called Meltdown and Spectre chip security flaws until they leaked to the public, six months after Alphabet Inc notified the chipmaker of the problems, according to letters sent by tech companies to lawmakers on Thursday. Intel did not tell the United States Computer Emergency … Continue reading Intel did not tell U.S. cyber officials about chip flaws until made public →

How So Many Researchers Found a 20-Year-Old Chip Flaw At the Same Time

On a cold Sunday early last month in the small Austrian city of Graz, three young researchers sat down in front of the computers in their homes and tried to break their most fundamental security protections. Two days earlier, in their lab at Graz's University of Technology, Moritz Lipp, Daniel Gruss, and Michael Schwarz had … Continue reading How So Many Researchers Found a 20-Year-Old Chip Flaw At the Same Time →

Intel facing class-action lawsuits over Meltdown and Spectre bugs

Intel has been hit with at least three class-action lawsuits over the major processor vulnerabilities revealed this week. The flaws, called Meltdown and Spectre, exist within virtually all modern processors and could allow hackers to steal sensitive data although no data breaches have been reported yet. While Spectre affects processors made by a variety of … Continue reading Intel facing class-action lawsuits over Meltdown and Spectre bugs →

Linus Torvalds is so angry with Intel

I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed. .. and that really means that all these mitigation patches should be written with "not all CPU's are crap" … Continue reading Linus Torvalds is so angry with Intel →

Bad Rabbit Ransomware Outbreak Also Used NSA Exploit

Two days after the Bad Rabbit ransomware outbreak has wreaked havoc in Russia and Ukraine, security researchers are still unearthing details regarding the malware's modus operandi. While initially it was believed that the ransomware spread from the initial victim to nearby computers using a custom scanning mechanism that relied on the SMB protocol, new research … Continue reading Bad Rabbit Ransomware Outbreak Also Used NSA Exploit →