8 matches found
NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices
The U.S. National Institute of Standards and Technology NIST has announced that a family of authenticated encryption and hashing algorithms known as Ascon will be standardized for lightweight cryptography applications. "The chosen algorithms are designed to protect information created and...
Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method
Summary: Updated Recommendations Section 04/04/2018 Today a team of security researchers disclosed several software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from many types of computing devices with many different vendors’...
RAMBleed Side-Channel Attack Exposes Privileged Memory
A team of academic researchers has discovered a follow-on to the Rowhammer class of attacks that allows attackers to read memory data on a target Windows computer, without actually accessing the memory itself. The method is dubbed RAMBleed. Andrew Kwong and Daniel Genkin at the University of...
ZombieLoad Pioneer: The Story Behind Intel’s Latest Side Channel Flaw
The release of a new speculative execution vulnerability called ZombieLoad last week follows a similar disclosure path as Meltdown and Spectre. Threatpost caught up with one of the researchers behind the discovery of ZombieLoad to find out how. ZombieLoad was discovered and reported by Michael...
Intel ZombieLoad Side-Channel Attack: 10 Takeaways
Intel on Tuesday revealed a new class of speculative execution vulnerabilities, dubbed Microarchitectural Data Sampling MDS, which impact all its modern CPUs. The flaws all ultimately depend on different ways of executing side channel attacks to siphon data from impacted systems – and result in...
Intel Halts Spectre/Meltdown Patching for Broadwell and Haswell Systems
Intel is advising OEMs and partners to halt patching for the Spectre and Meltdown vulnerabilities amid numerous reports the updates are causing reboot issues on systems running the Broadwell and Haswell microprocessors. “We recommend that OEMs, cloud service providers, system manufacturers,...
About the security content of macOS High Sierra 10.13.2 Supplemental Update - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
CPU hardware vulnerable to side-channel attacks
Overview CPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as Meltdown and Spectre. Description CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. Both Spectre and Meltdown take...