Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Intel Processor Security Flaw Prompts Kernel Makeovers in Linux, Windows
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
caodangyduocsaigon
caodangyduocsaigon,
User Rank: Apprentice
6/1/2018 | 3:39:30 AM
Re: ...and what about Apple?
Renowned security expert Dan Kaminsky says without the details of the flaw out yet, it doesn't make sense to theorize about its ramifications. "I think we shouldn't speculate until the bug is disclosed," Kaminsky says. "Clearly, the notable part of this is whatever it is can't be addressed in microcode."
Ludivina
Ludivina,
User Rank: Strategist
2/3/2018 | 8:28:18 PM
Re: ...and what about IG followers for Apple's?
Well, there were different mentions from different blogs. Can you please tell me where did you found those sentences at?
BowlOfPetunias
BowlOfPetunias,
User Rank: Apprentice
2/1/2018 | 4:54:09 AM
And then what?
Suppose an attacker succeeds in exploiting this. What do they get back? A long string of jumbled text and numbers that looks like it might be a password? How do they know it's a password? How do they know it's all of the password and not cut short? I'm not totally clear how much of a benefit there is to an attacker. Probably not an instant win for the attacker, anyway. Some himan input would be needed from them.
dan91266
dan91266,
User Rank: Strategist
1/31/2018 | 11:04:41 PM
Re: ...and what about Apple?
Still pretfy quiet on 'sploits for this... Calm before the storm, or much ado about othing?
dan91266
dan91266,
User Rank: Strategist
1/19/2018 | 12:57:39 PM
Re: ...and what about IG followers for Apple's?
Another analyst here sumbled across a place called skyfallattack.com.  Could be a wateringhole attack in and of itself, so proceed with caution.   It's been almost 24 hours since it came up and I am thinking that if it were credible it would be HUGE news, but not hearing much. 

As always, take everything with a healthy grain of salt. I am HIGHLY skepticcal but thought it worth mentioning.

A genuine sploit for this would be AWEFUL.  So far though, it seems like all the benfits the hypothetical attack vector brings are more easily achieved other ways.  As in "Click here to claim your prize...

 

Cheers,

Dan91266
BrianN060
BrianN060,
User Rank: Ninja
1/19/2018 | 11:37:40 AM
Re: M/S exploits in the wild?
Reports of weaponized versions of the M/S exploits are not the same as evidence that some attacker has used them, or tried.  As attacks would likely be sophisticated, and against high-value targets; the attacks may have already begun - just not yet noticed. 

We have to consider that any victims might be slow to admit the fact. We also have to consider that existing vulnerabilities, exploits and attack vectors are causing more than enough damage without M/S.  Is there a danger of putting too much focus on, and too many resources defending against, the potential?
dan91266
dan91266,
User Rank: Strategist
1/18/2018 | 9:42:52 PM
Re: ...and what about Apple?
Well one source is finally reporting today that they have seen weaponized versions of these sploits. They claim they cannot release details due to government restrictions or until chip vendors fix this, they are not entirely clear.

No confirmation yet that I have seen from a reliable source of truth so this may just be a really mean watering hole attack of some sort, or it may be the real deal.  If IBM X-Force, Cisco, or Microsoft or other reliable source confirms this... Katie bar the door!

My bet is that if this gets real you are suddenly going to see a prolifertion of non Intel, AMD, ARM custom ASICS with proprietary micro-code become real popular, real quick.  With virtualization technology so good, there is scant reason to run risky hardware, RISCy maybe, but not risky (sorry, couldn'resist the pun). I think the point is valid though, all puns aside.

This could get interesting fast. Wonder what the Rainbow Book/NIST guys have to handle this.  I understand that if you run trusted code (Cert signed code, I think), you are not vulnerable to the 'sploits. But who the heck runs 100% Microsoft signed code?

BTW, you Apple folks could be in the, uh sh*thole (to use a currently popular epithet) also. Lotta Macs on Intel silicon aren't there?

 

Cheers,

Dan S.
BrianN060
BrianN060,
User Rank: Ninja
1/17/2018 | 2:12:14 PM
Re: ...and what about IG followers for Apple's?
I've been listening for the other shoe to drop, too. 

One the one side, exploiting these vulnerabilities seems to require a sophisticated, targeted, attack - indicating a high-value target, and stealth.  On the other, there is a window that will close, as more and better mitigations/solutions are developed and applied - so if they are going to leverage these vulnerabilities, they have to move quickly. 

What attackers could be after is not a quick score, but the prerequisites for a big score at some point in the future.  Could be we won't see signs of a significant exploitation unless and until forensics from that future hit point back to access and assets gained now. 
dan91266
dan91266,
User Rank: Strategist
1/16/2018 | 4:17:46 PM
Re: ...and what about IG followers for Apple's?
Has ANYONE reported an actual threat that uses these exploits?  Seems like this is still pretty theoretical at the moment.  It also looks like some facncy assembler code will be needed to exploit these vulnerabilities, or am I just not getting it?
Kelly Jackson Higgins
Kelly Jackson Higgins,
User Rank: Strategist
1/4/2018 | 10:20:18 AM
Re: ...and what about Apple?
We'll be reporting more on this today, including about Apple. Stay tuned! thanks.
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Incorporating a Prevention Mindset into Threat Detection and Response
Threat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time. The report covers areas enterprises should focus on: What positive response looks like. Improving security hygiene. Combining preventive actions with red team efforts.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-31650
PUBLISHED: 2022-05-25
In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.
CVE-2022-31651
PUBLISHED: 2022-05-25
In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.
CVE-2022-29256
PUBLISHED: 2022-05-25
sharp is an application for Node.js image processing. Prior to version 0.30.5, there is a possible vulnerability in logic that is run only at `npm install` time when installing versions of `sharp` prior to the latest v0.30.5. If an attacker has the ability to set the value of the `PKG_CONFIG_PATH` e...
CVE-2022-26067
PUBLISHED: 2022-05-25
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulnera...
CVE-2022-26077
PUBLISHED: 2022-05-25
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff networ...