SEARCH
Archive
What IT Needs to Know About Foreshadow
Foreshadow/L1TF refer to a group of vulnerabilities that can be exploited in modern Intel chips using speculative execution attacks to bypass security protections and harvest sensitive information.
NetSpectre Highlights New Ways to Exploit Speculative Execution
NetSpectre is not an immediate threat: no known malware exists in the wild. The research is important because it deepens our understanding of microprocessor architecture and ways speculative execution can be abused.
Expect More Spectre, Meltdown Variants Until Updated Chips Arrive
After Meltdown and Spectre, many researchers warned that increased scrutiny on side-channel meant more attacks will be found, so the discovery of "Variant 4" is not a surprise. More variants will be found as chip makers update their designs over the next few years to fix the issues.
Don’t Try This at Home: Chip Decapsulation
Mikhail Davidov decided to see what it would take to develop a process to manually decapsulate chips. After months of work, experimentation, and trial and error, he succeeded.
BranchScope: Another Processor-Based Attack
Much like Spectre, BranchScope is an attack that focuses on the processor's branch prediction system. That doesn't mean the processors are hopelessly vulnerable. It just means that as more researchers start exploring various features in modern CPUs, more issues will be found.