Tag Archives: Meltdown

AVIEN resource updates 27th June 2018

Updates to Cryptocurrency/Crypto-mining News and Resources

The Register: Top banker batters Bitcoin for sucky scalability, security – “Australia’s Reserve Bank sees no need for national cryptocurrencies, for now”

Sophos: Why Bitcoin’s about to give up one of its closely guarded secrets – “…the Bitcoin Core developers are finally set to unveil the not-as-secret-as-it-should-be private key that allows them to send messages to everyone on the entire Bitcoin network.”

Trend Micro: Cryptocurrency-Mining Bot Targets Devices With Running SSH Service via Potential Scam Site – “Through social engineering, users are tricked into installing the miner that directly funnels profit (in the form of Monero and Ethereum coins, in this case)…”

Updates to Internet of (not necessarily necessary) Things

[Many of the Things that crop up on this page are indeed necessary. But that doesn’t mean that connecting them to the Internet of Things (or even the Internet of Everything) is necessary, or even desirable, given how often that connectivity widens the attack surface.]

The Register: So you’re doing an IoT project. Cute. Let’s start with the basics: Security – “And for heaven’s sake, don’t fall in love with the data…Data is seen as one of IoT’s biggest payoffs – generating and gathering it to help your business. But get IoT wrong, and you stand to be overwhelmed by that data wave. Cisco estimates IoT will generate 500 zetabytes of data by the end of 2019…”

The Register: A volt out of the blue: Phone batteries reveal what you typed and read – “Power trace sniffing, a badly-designed API and some cloudy AI spell potential trouble…Both snitching and exfiltration were described in this paper (PDF), accepted for July’s Privacy Enhancing Technologies Symposium.”

Updates to Meltdown/Spectre and other chip-related resources

Ars Technica: Hyperthreading under scrutiny with new TLBleed crypto key leak – “A new attack prompted OpenBSD’s developers to disable hyperthreading by default…developers on OpenBSD—the open source operating system that prioritizes security—disabled hyperthreading on Intel processors.

The Register: Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn’t worry about – “How to extract 256-bit keys with 99.8% success…Intel has, for now, no plans to specifically address a side-channel vulnerability in its processors that can be potentially exploited by malware to extract encryption keys and other sensitive info from applications.”

Bleeping Computer: Changes in WebAssembly Could Render Meltdown and Spectre Browser Patches Useless – “Upcoming additions to the WebAssembly standard may render useless some of the mitigations put up at the browser level against Meltdown and Spectre attacks, according to John Bergbom, a security researcher at Forcepoint. WebAssembly (WA or Wasm) is a new technology that shipped last year and is currently supported within all major browsers, such as Chrome, Edge, Firefox, and Safari.”

Updates to Mac Virus

ThreatPost: – MALICIOUS APP INFECTS 60,000 ANDROID DEVICES – BUT STILL SAVES THEIR BATTERIES – “A battery-saving app that also allows attackers to snatch text messages and read sensitive log data has been downloaded by more than 60,000 Android devices so far…“Although the app these scam pages send users to does its advertised function, it also has a nasty secret—it infects victims’ devices and comes with a side of information-stealing and ad-clicking,” Yonathan Klijnsma, threat researcher at RiskIQ, said in a post on Thursday.”

An interesting example that bears out a definition of Trojan that I’ve used for decades – “…a program that pretends to offer some useful or desirable function, and may even do so, but whose primary function is something you don’t expect it to do, and wouldn’t want it to if you did.”

David Harley

Advertisements

16th March 2018 resources updates

Added to the AMD section of the Meltdown/Spectre resource page, which for administrative reasons has now been moved here

Added to the Intel section:

John Leyden waxes satirical at Intel’s expense in The Register: Intel: Our next chips won’t have data leak flaws we told you totally not to worry about – “Meltdown, Spectre-free CPUs coming this year, allegedly”

Added to the Microsoft/Windows section:

Richard Chirgwin for The Register: Microsoft starts buying speculative execution exploits – “Adds bug bounty class for Meltdown and Spectre attacks on Windows and Azure”

David Harley

13th March 2018 resources updates

(1) New section on Trend Micro Resources in Meltdown/Spectre – Related Resources

Trend Micro: Detecting Attacks that Exploit Meltdown and Spectre with Performance Counters
“We worked on a detection technique for attacks that exploit Meltdown and Spectre by utilizing performance counters available in Intel processors. They measure cache misses — the state where data that an application requests for processing is not found in the cache memory — that can be used to detect attacks that exploit Meltdown and Spectre.”

(2) Cryptocurrency/Crypto-mining News and Resources

David Harley

Meltdown/Spectre resources

[Content now transferred to the resource page here, which I intend to expand and maintain as time allows.]

Official commentary from Apple: About speculative execution vulnerabilities in ARM-based and Intel CPUs and from Google: Today’s CPU vulnerability: what you need to know

Related Resources:

David Harley