China’s infosec leads accuse Intel of NSA backdoor, cite chip security flaws

October 16, 2024 at 02:34PM The Cybersecurity Association of China has accused Intel of embedding backdoors in its CPUs since 2008 and called for an investigation, alleging the company’s practices threaten national security. Intel faces scrutiny amid geopolitical tensions, with concerns over product vulnerabilities and potential impacts on its revenue from China. ### Meeting Takeaways: … Read more

New CounterSEVeillance and TDXDown Attacks Target AMD and Intel TEEs

October 15, 2024 at 05:42AM Intel and AMD have addressed the emergence of new attack methods, TDXDown and CounterSEVeillance, which threaten their Trusted Execution Environment (TEE) technologies, TDX and SEV. The response highlights the need for increased security measures against these vulnerabilities. **Meeting Takeaways:** 1. **New Attack Methods Identified**: Intel and AMD have acknowledged the … Read more

Intel Informs Customers About Over a Dozen Processor Vulnerabilities

September 11, 2024 at 10:06AM Intel recently published security advisories detailing over 20 vulnerabilities in their processors and products. These advisories cover issues such as UEFI firmware vulnerabilities affecting various processor series, ranging from Atom to Xeon. Majority of the flaws have a ‘high severity’ rating and can lead to privilege escalation, DoS attacks, and … Read more

Intel Responds to SGX Hacking Research

September 3, 2024 at 06:51AM Security researcher Mark Ermolov claims to have made progress in hacking Intel’s SGX data protection technology, extracting cryptographic keys. Johns Hopkins University’s Pratyush Ranjan Tiwari highlighted the severity of this breach, affecting older processors widely used in embedded systems. Intel responded, stating the tests were conducted on unmitigated systems with … Read more

Millions of Devices Vulnerable to ‘PKFail’ Secure Boot Bypass Issue

July 26, 2024 at 05:24PM Millions of Intel and ARM-based computing systems are vulnerable to attackers due to a leaked cryptographic key used in the Secure Boot process. The issue, dubbed “PKFail,” allows bypassing of Secure Boot and affects devices from vendors like Lenovo, HP, and Asus. Firmware updates are needed to address this widespread … Read more

Intel Publishes 41 Security Advisories for Over 90 Vulnerabilities 

May 15, 2024 at 11:21AM Intel released 41 security advisories addressing over 90 vulnerabilities in its products. Critical vulnerability CVE-2024-22476 was found in Neural Compressor, allowing unauthenticated remote attackers to escalate privileges. High-severity flaws were also found in UEFI firmware, graphics, and network products. Additionally, there were medium-severity vulnerabilities in various hardware and software products. … Read more

Fileless Attacks Prompt Intel’s Next-Gen Security

April 12, 2024 at 02:46PM Trend is fortifying its endpoint solutions to detect fileless attacks early by integrating Intel Threat Detection Technology, providing greater scalability and resiliency. Trend’s Worry-Free Business Solution will be the first to incorporate this technology, followed by Trend Apex One and Trend Vision One™. This collaboration sets a new standard for … Read more

It’s 2024 and Intel silicon is still haunted by data-spilling Spectre

April 10, 2024 at 04:32PM VU Amsterdam academics discovered that Intel CPU cores are still vulnerable to Spectre attacks, despite mitigations. They created InSpectre Gadget, which can find code snippets to bypass protections, even on chips with Spectre defenses. The tool helped develop Native Branch History Injection exploit, allowing access to sensitive data. AMD and … Read more

Intel Core Ultra vPro Platform Brings New Security Features

February 28, 2024 at 07:45AM Intel announced new security features with the latest vPro platform and premium Core Ultra processors, including AI capabilities and hardware-based authentication. The Silicon Security Engine secures devices against firmware threats, while Device Health goes beyond Microsoft’s Secured PC Core requirement. Threat Detection Technology now uses NPU-assisted anomaly detection, and Hardware … Read more

Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities

November 15, 2023 at 05:09AM Chipmakers Intel and AMD released security advisories this week, disclosing a total of more than 130 vulnerabilities in their products. Intel addressed 105 vulnerabilities, including a critical flaw in Data Center Manager software. AMD disclosed 27 vulnerabilities, with one impacting AMD Secure Encrypted Virtualization and another in SMM Supervisor. Both … Read more