Comments
Intel Processor Security Flaw Prompts Kernel Makeovers in Linux, Windows
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
caodangyduocsaigon
50%
50%
caodangyduocsaigon,
User Rank: Apprentice
6/1/2018 | 3:39:30 AM
Re: ...and what about Apple?
Renowned security expert Dan Kaminsky says without the details of the flaw out yet, it doesn't make sense to theorize about its ramifications. "I think we shouldn't speculate until the bug is disclosed," Kaminsky says. "Clearly, the notable part of this is whatever it is can't be addressed in microcode."
Ludivina
50%
50%
Ludivina,
User Rank: Strategist
2/3/2018 | 8:28:18 PM
Re: ...and what about IG followers for Apple's?
Well, there were different mentions from different blogs. Can you please tell me where did you found those sentences at?
BowlOfPetunias
50%
50%
BowlOfPetunias,
User Rank: Apprentice
2/1/2018 | 4:54:09 AM
And then what?
Suppose an attacker succeeds in exploiting this. What do they get back? A long string of jumbled text and numbers that looks like it might be a password? How do they know it's a password? How do they know it's all of the password and not cut short? I'm not totally clear how much of a benefit there is to an attacker. Probably not an instant win for the attacker, anyway. Some himan input would be needed from them.
dan91266
50%
50%
dan91266,
User Rank: Apprentice
1/31/2018 | 11:04:41 PM
Re: ...and what about Apple?
Still pretfy quiet on 'sploits for this... Calm before the storm, or much ado about othing?
dan91266
50%
50%
dan91266,
User Rank: Apprentice
1/19/2018 | 12:57:39 PM
Re: ...and what about IG followers for Apple's?
Another analyst here sumbled across a place called skyfallattack.com.  Could be a wateringhole attack in and of itself, so proceed with caution.   It's been almost 24 hours since it came up and I am thinking that if it were credible it would be HUGE news, but not hearing much. 

As always, take everything with a healthy grain of salt. I am HIGHLY skepticcal but thought it worth mentioning.

A genuine sploit for this would be AWEFUL.  So far though, it seems like all the benfits the hypothetical attack vector brings are more easily achieved other ways.  As in "Click here to claim your prize...

 

Cheers,

Dan91266
BrianN060
100%
0%
BrianN060,
User Rank: Ninja
1/19/2018 | 11:37:40 AM
Re: M/S exploits in the wild?
Reports of weaponized versions of the M/S exploits are not the same as evidence that some attacker has used them, or tried.  As attacks would likely be sophisticated, and against high-value targets; the attacks may have already begun - just not yet noticed. 

We have to consider that any victims might be slow to admit the fact. We also have to consider that existing vulnerabilities, exploits and attack vectors are causing more than enough damage without M/S.  Is there a danger of putting too much focus on, and too many resources defending against, the potential?
dan91266
50%
50%
dan91266,
User Rank: Apprentice
1/18/2018 | 9:42:52 PM
Re: ...and what about Apple?
Well one source is finally reporting today that they have seen weaponized versions of these sploits. They claim they cannot release details due to government restrictions or until chip vendors fix this, they are not entirely clear.

No confirmation yet that I have seen from a reliable source of truth so this may just be a really mean watering hole attack of some sort, or it may be the real deal.  If IBM X-Force, Cisco, or Microsoft or other reliable source confirms this... Katie bar the door!

My bet is that if this gets real you are suddenly going to see a prolifertion of non Intel, AMD, ARM custom ASICS with proprietary micro-code become real popular, real quick.  With virtualization technology so good, there is scant reason to run risky hardware, RISCy maybe, but not risky (sorry, couldn'resist the pun). I think the point is valid though, all puns aside.

This could get interesting fast. Wonder what the Rainbow Book/NIST guys have to handle this.  I understand that if you run trusted code (Cert signed code, I think), you are not vulnerable to the 'sploits. But who the heck runs 100% Microsoft signed code?

BTW, you Apple folks could be in the, uh sh*thole (to use a currently popular epithet) also. Lotta Macs on Intel silicon aren't there?

 

Cheers,

Dan S.
BrianN060
50%
50%
BrianN060,
User Rank: Ninja
1/17/2018 | 2:12:14 PM
Re: ...and what about IG followers for Apple's?
I've been listening for the other shoe to drop, too. 

One the one side, exploiting these vulnerabilities seems to require a sophisticated, targeted, attack - indicating a high-value target, and stealth.  On the other, there is a window that will close, as more and better mitigations/solutions are developed and applied - so if they are going to leverage these vulnerabilities, they have to move quickly. 

What attackers could be after is not a quick score, but the prerequisites for a big score at some point in the future.  Could be we won't see signs of a significant exploitation unless and until forensics from that future hit point back to access and assets gained now. 
dan91266
50%
50%
dan91266,
User Rank: Apprentice
1/16/2018 | 4:17:46 PM
Re: ...and what about IG followers for Apple's?
Has ANYONE reported an actual threat that uses these exploits?  Seems like this is still pretty theoretical at the moment.  It also looks like some facncy assembler code will be needed to exploit these vulnerabilities, or am I just not getting it?
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
1/4/2018 | 10:20:18 AM
Re: ...and what about Apple?
We'll be reporting more on this today, including about Apple. Stay tuned! thanks.
Page 1 / 2   >   >>


Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15504
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.
CVE-2018-15505
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 a...
CVE-2018-15492
PUBLISHED: 2018-08-18
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.
CVE-2018-15494
PUBLISHED: 2018-08-18
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
CVE-2018-15495
PUBLISHED: 2018-08-18
/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.