Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 1 Vote(s) - 1 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News PortSmnash Side-Channel Vulnerability in Intel CPUs
#1
[Image: images?q=tbn:ANd9GcRLabdF7FSuxKZnedpRMKp...9OfgMjXRV1]



    Another threat to Intel CPUs has been discovered, this vulnerability called "PortSmash", which seems similar to previously discovered TLBleed, as it also lets attacks steal crytographic keys. 


 So far the exploit has only been verified on Skylake and Kaby Lake chips; however, the exploit might affect all chips using Simultaneous Multithreading (or SMT) Architecture. The researchers also suspect it may affect AMD Ryzen as well. 

 The Advisory, as posted by the researchers who discovered the flaw, can be found here.

 One of the aforementioned researchers, Billy Brunley, published a proof-of-concept of the exploit on his GitHub account.

  
  Intel has this to say: 

   “Intel received notice of the research. This issue is not reliant on speculative execution and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices.”
  


  That was the news folks, the week is still chugging along, have a good one and stay safe out there. 



  ----Sh7nk-Z0id
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Can Vulnerability Scanning Replace Penetration Testing? News 0 170 08-30-2020, 02:08 AM
Last Post: News
Star News Vulnerability Volume Poised to Overwhelm Infosec Teams News 0 120 08-28-2020, 09:14 AM
Last Post: News
Star News Vulnerability Prioritization: Are You Getting It Right? News 0 850 08-10-2020, 07:33 PM
Last Post: News
Smile News Critical Vulnerability In Bisq Crypto Exchange Exploited For Some Users Mr.Kurd 0 347 04-10-2020, 02:46 PM
Last Post: Mr.Kurd
Rainbow News Vulnerability In WPvivid Backup Plugin Could Expose Files Of WordPress Sites Mr.Kurd 0 321 04-01-2020, 11:11 AM
Last Post: Mr.Kurd
Rainbow News Microsoft Alerts Users Of Zero-Day RCE Vulnerability In Windows 7 Under Active Exploi Mr.Kurd 0 395 03-26-2020, 09:03 AM
Last Post: Mr.Kurd
Thumbs Down News Slack Vulnerability Allowing Account Takeovers Mr.Kurd 0 306 03-17-2020, 08:11 PM
Last Post: Mr.Kurd
Exclamation News A vulnerability that Allows Hackers to Hijack Facebook Accounts Mr.Kurd 0 360 03-04-2020, 07:17 AM
Last Post: Mr.Kurd
Brick News OpenSMTPD Email Server Vulnerability Threatens Many Linux and BSD Systems Mr.Kurd 0 356 03-02-2020, 08:40 PM
Last Post: Mr.Kurd
  News Urgent !! Windows User Urged to Patch A Critical Crypto Vulnerability on Windows 10 Mr.Kurd 1 430 01-15-2020, 11:38 AM
Last Post: poolclosed



Users browsing this thread: 1 Guest(s)