It’s 2024 and Intel silicon is still haunted by data-spilling Spectre

April 10, 2024 at 04:32PM VU Amsterdam academics discovered that Intel CPU cores are still vulnerable to Spectre attacks, despite mitigations. They created InSpectre Gadget, which can find code snippets to bypass protections, even on chips with Spectre defenses. The tool helped develop Native Branch History Injection exploit, allowing access to sensitive data. AMD and … Read more

New SLAM attack steals sensitive data from AMD, future Intel CPUs

December 6, 2023 at 07:57PM Researchers at VUSec discovered “SLAM,” a side-channel attack exploiting memory features in future CPUs from Intel, AMD, and Arm, to leak sensitive information like root password hashes. Despite the intended security improvements, these features inadvertently enable SLAM by not checking address canonicality, creating micro-architectural race conditions. Existing defenses are deemed … Read more