Intel’s Software Guard Extensions broken? Don’t panic

August 27, 2024 at 04:11PM Intel’s SGX security system vulnerability has been highlighted, allowing an attacker full access to secure enclaves due to a coding error. Although Intel claims physical access is required, and prior vulnerabilities need exploiting, the risk remains significant. The issue lies in SGX software, potentially compromising trusted enclaves. This poses a … Read more

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

June 20, 2024 at 10:58AM Cybersecurity researchers have disclosed a now-patched security flaw in Phoenix SecureCore UEFI firmware affecting multiple Intel Core processor families. Tracked as CVE-2024-0762 with a CVSS score of 7.5, the “UEFIcanhazbufferoverflow” vulnerability allowed a local attacker to execute malicious code within the firmware, impacting devices using Phoenix SecureCore firmware on select … Read more

New Spectre v2 attack impacts Linux systems on Intel CPUs

April 10, 2024 at 01:24PM Researchers have developed the first native Spectre v2 exploit, affecting Linux systems on modern Intel processors. The discovery highlights the ongoing challenge of balancing performance optimization with security. Spectre V2 leverages speculative execution, leaving traces of sensitive data in CPU caches, and introduces security risks. Various entities are responding with … Read more

Researchers Resurrect Spectre v2 Attack Against Intel CPUs

April 10, 2024 at 10:25AM VUSec cybersecurity group at VU Amsterdam university revealed a new form of the Spectre v2 attack targeting Intel processors. Named Branch History Injection (BHI), it bypasses hardware mitigations and can leak kernel memory on the latest Intel CPUs. Intel updated guidance on mitigations and plans to address BHI in future … Read more