Collaborate Disseminate
Could these two attack scenarios exploit the recently publicized vulnerability?
Using a Thunderbolt adapter like an USB-to-Thunderbolt adapter on a computer without any Thunderbolt port
Temporarily replacing hardware (mainboard) with har… Continue reading Are Thunderbolt-enabled computers without Thunderbolt ports vulnerable to Thunderspy?
Thunderspy was announced this week, developed by [Björn Ruytenberg]. A series of attacks on the Thunderbolt 3 protocol, Thunderspy is the next vulnerability in the style of Inception, PCILeech, and Thunderclap.
Inception and PCILeech were attacks on the naive Direct Memory Access (DMA) built into Firewire, Thunderbolt 1, and PCIe. …read more
Continue reading This Week in Security: Thunderspy, Facebook Breaking Everything, and More
Thunderbolt ports can provide direct access to the memory in your laptop… just how hard is it for crooks to do so when you aren’t looking? Continue reading Thunderspy – why turning your computer off is a cool idea!
A slew of seven vulnerabilities identified in the Thunderbolt port allow an attacker with physical access to the device to bypass all security, no matter the platform. It affects all laptops and computers built since 2011. The vulnerabilities, known co… Continue reading Thunderspy Attack Affects all Computers with Thunderbolt Released in the Past Decade
I just read an article about the Thunderspy vulnerabilities.
What I think I understood so for is that with physical access, it is possible to manipulate the memory of the computer via Thunderbolt and that it can also read data from memory… Continue reading Questions about Thunderspy mitigation
If an attacker can get his hands on a Thunderbolt-equipped device for five minutes, he can launch a new data-stealing attack called “Thunderspy.” Continue reading Millions of Thunderbolt-Equipped Devices Open to ‘ThunderSpy’ Attack