Vulnerability in Intel CPUs that Could Allow an Attacker To Read Sensitive Encrypted Data

-
Intel
A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled.

The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other dangerous side-channel vulnerabilities discovered in the past year, including Meltdown and Spectre, TLBleed, and Foreshadow.

Discovered by a team of security researchers from the Tampere University of Technology in Finland and Technical University of Havana, Cuba, the new side-channel vulnerability resides in Intel's Hyper-Threading technology, the company's implementation of Simultaneous MultiThreading (SMT). From here

Comments

Post a Comment

Popular posts from this blog

Facebook Sues New Zealand Firm For Selling Fake Likes On Instagram

-
Image
F acebook has filed a lawsuit in the US against a New Zealand-based company and three individuals that it says have been selling 'fake likes' on Instagram. Through websites such as SocialEnvy.co, IGFamous.net and Likesocial.co, says Facebook, Social Media Series Limited and its directors made more than $9.4 million by selling fake engagement to Instagram users. The three directors of the company have been named locally as Arend Alexander Hubert Nollen, Leon Francis Hedges and David James Pekka Pasanen. Facebook says it sent cease-and-desist letters to two of the company's directors in July and December last year. "We previously suspended accounts associated with the defendants and formally warned them in writing that they were in violation of our Terms of Use, however their activity persisted," says Jessica Romero, Facebook's director of platform enforcement and litigation. Read more at Forbes
Read more

Software for Online Project Management - Wrike

-
Image
Wrike is an award-winning software for online project management that was designed with a single goal: to improve the speed and efficiency of work in both co-located and distributed groups. It is a winner of FinancesOnline Best Project Management Software Award for 2018. The flexibility provided by Wrike enables multifunctional groups to collaborate and get things done effectively from a single location. The service allows you to schedule, prioritize, discuss, and keep track of both work and progress in real time — all with just a few clicks of the mouse. Wrike has been the project management software of choice for many Fortune 500 companies, such as, Google, Stanford University, Adobe, HTC, and EA Sports to mention a few. Read Full review
Read more

Rancher Launched K3OS - a Linux Distro Built for the Sole Purpose of Running Kubernetes Clusters

-
Image
O n the heels of its release of k3s, a lightweight Kubernetes distribution designed for the edge, Rancher Labs has announced an accompanying operating system called k3OS. The k3OS preview release is available with support for x86 and ARM64. With k3OS, Kubernetes cluster configuration and the underlying OS configuration are defined with the same declarative syntax as other Kubernetes resources, meaning both can be managed together. Rancher has been working with a number of customers including wind turbine company Goldwind Smart Energy on using Kubernetes in resource-constrained environments. Read more at Rancher
Read more