#CryptographicAttacks

Hardware-level Apple Silicon vulnerability can leak cryptographic keys

by

March 22, 2024 at 11:06AM A new side-channel vulnerability, GoFetch, has been discovered in Apple Silicon processors, allowing malicious apps to extract cryptographic keys by exploiting the DMP feature. The vulnerability affects Apple M1, M2, and M3 chips, as well as Intel’s 13th Gen Raptor Lake microarchitecture. Disabling DMP may degrade performance, and third-party cryptographic … Read more

KeyTrap attack: Internet access disrupted with one DNS packet

by

February 19, 2024 at 08:38AM A serious vulnerability named KeyTrap in the DNSSEC feature could be exploited to deny internet access to applications for an extended period. Tracked as CVE-2023-50387, KeyTrap is a design issue in DNSSEC impacting DNS implementations. Researchers from ATHENE and partners discovered and addressed the issue, working with DNS service providers. … Read more