all InfoSec news
Downfall Attacks on Intel CPUs Steal Encryption Keys, Data
Aug. 12, 2023, 4:01 a.m. | Ionut Ilascu
The RISKS Digest catless.ncl.ac.uk
Ionut Ilascu, *Bleeping Computer*, 8 Aug 2023
Google's Daniel Moghimi exploited the so-called "Downfall" bug in Intel
central processing units to steal passwords, encryption keys, and private
data from computers shared by multiple users. The transient execution
side-channel vulnerability affects multiple Intel microprocessor lines,
allowing hackers to exfiltrate Software Guard eXtensions-encrypted
information. Moghimi said Downfall attacks leverage the <i>gather</i>
instruction that "leaks the content of the internal vector register file
during speculative execution." He developed the Gather Data Sampling exploit …
attacks bleeping computer bug called channel computer computers cpus daniel data downfall encrypted encryption encryption keys exploited extensions google guard hackers intel intel cpus keys microprocessor passwords private private data side-channel software steal vulnerability
More from catless.ncl.ac.uk / The RISKS Digest
EFI IPv6/PXE Security Flaw
4 months, 1 week ago |
catless.ncl.ac.uk
Imaging privacy threats from an ambient light sensor
4 months, 1 week ago |
catless.ncl.ac.uk
Re: CLEAR wants to scan your face at airports. Privacy experts are worried.
4 months, 1 week ago |
catless.ncl.ac.uk
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC