Collaborate Disseminate
Bitdefender senior researchers Dan Horea Luțaș and Andrei Vlad Luțaș recently uncovered a new speculative-execution vulnerability and demonstrated how it can be exploited via a side-channel style attack, dubbed SWAPGS Attack. The vu… Continue reading Bypassing KPTI Using the Speculative Behavior of the SWAPGS Instruction
Bitdefender researchers have uncovered yet another viable speculative execution side-channel attack that can be leveraged against Intel CPUs and the computers running on them. The SWAPGS Attack, as they call it, circumvents the protective measures that… Continue reading SWAPGS Attack: A new Spectre haunts machines with Intel CPUs
Upon research, I’m finding it difficult to identify a way to compare each solution. Is it correct in saying both solutions are software based? Therefore, could I compare overall PC perfomance with each software implementation… Continue reading How would one compare Cache Allocating Technology against MIT’s Dynamically Allocated Way Guard for prevention of the Spectre side-channel Attack?
I once had a script looking like the one below:
window.open(“SameSiteUrl”);
alert(“spamspamspam”);
it had some strange laggy effects… Anyways, a friend “pranked” me by running the script overnight. My PC had a shutdown… Continue reading Can javascript damage data and hardware?
By now we should all be used to the astonishing variety of CPUs that have come our way created from discrete logic chips. We’ve seen everything from the familiar Von Neumann architectures to RISC and ever transport-triggered architecture done in 74 TTL derivatives, and fresh designs remain a popular project …read more
We will admit it: mostly when we see a homebrew CPU design on an FPGA, it is a simple design that wouldn’t raise any eyebrows in the 1970s or 1980s. Not so with [Henry Wong’s] design, though. His x86-like design does superscalar out-of-order execution, just like big commercial modern CPUs. …read more
Cisco Expressway goes off path and a Cisco IOS XE vuln goes for emojis, More erosion of CPU data boundaries, RDP patches a pre-auth problem and even resuscitates a patch process for XP, Microsoft’s Attack Surface Analyzer gives DevSecOps team… Continue reading Application News – Application Security Weekly #62
Intel has revealed on Tuesday that some of its CPUs are vulnerable to a number of new speculative execution attacks that may allow attackers to stealing sensitive data and keys/passwords. ZombieLoad, RIDL and Fallout attacks have been extensively writt… Continue reading Intel MDS attack mitigation: An overview
More than one year ago, security researchers at Google Project Zero have disclosed a series of hardware vulnerabilities affecting Intel® x86 microprocessors. Leveraging a feature of modern processors called speculative execution, as well as timing… Continue reading Yet Another Meltdown – A Microarchitectural Fill Buffer Data Sampling Vulnerability (CVE-2018-12130)
Did you ever start a project that you felt gained a life of its own? This project by [Paulo Constantino] is an entire CPU named dreamcatcher on breadboards, and is a beautiful jungle of digital. On top of that, it works to connect to an analog VGA display. How cool …read more
Continue reading CPU Made From 74HC Chips Is A Glorious Mess