A newly discovered vulnerability in AMD chips allows malicious actors to perform remote code execution (RCE) and privilege escalation in virtual machines.
Cybersecurity researchers from the CISPA Helmholtz Center for Information Security in Germany detailed a vulnerability they named StackWarp, a hardware vulnerability in AMD CPUs that breaks the protections of confidential virtual machines, by manipulating how the processor tracks the stack, and letting a malicious insider or hypervisor change program flow or read sensitive data inside a protected VM.
Read more…
Source: Techradar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Critical infrastructure gear is full of flaws, but hey, at least it’s certified
March 23, 2023
Devices used in critical infrastructure are riddled with vulnerabilities that can cause denial of service, allow configuration manipulation, and achieve remote code execution, according to security researchers. And most of these operational technology (OT) products – which include industrial control systems and related devices – claim security certifications, some of which they did not actually have. Read ...
- Patch CVE-2023-23397 Immediately: What You Need To Know and Do
March 21, 2023
CVE-2023-23397 is a critical privilege elevation/authentication bypass vulnerability in Outlook, released as part of the March Patch Tuesday set of fixes. The vulnerability, which affects all versions of Windows Outlook, was given a 9.8 CVSS rating and is one of two zero-day exploits disclosed on March 14. Trend Micro researchers summarize the points that security teams ...
- Hackers mostly targeted Microsoft, Google, Apple zero-days in 2022
March 20, 2023
Hackers continue to target zero-day vulnerabilities in malicious campaigns, with researchers reporting that 55 zero-days were actively exploited in 2022, most targeting Microsoft, Google, and Apple products. Most of these vulnerabilities (53 out of 55) enabled the attacker to either gain elevated privileges or perform remote code execution on vulnerable devices. Read more… Source: Bleeping Computer
- CISA Releases Eight Industrial Control Systems Advisories
March 16, 2023
CISA released eight Industrial Control Systems (ICS) advisories on March 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-075-01 Siemens SCALANCE, RUGGEDCOM Third-Party ICSA-23-075-02 Siemens RUGGEDCOM CROSSBOW V5.3 Read more… Source: U.S. Cybersecurity and Infrastructure ...
- Threat Actors Exploited Progress Telerik Vulnerability in U.S. Government IIS Server
March 15, 2023
Today, the CISA, Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server. This joint CSA provides IT infrastructure defenders with tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and methods to detect and protect ...
- Hands up who DIDN’T exploit this years-old flaw to ransack a US govt web server…
March 15, 2023
Multiple criminals, including at least potentially one nation-state group, broke into a US federal government agency’s Microsoft Internet Information Services web server by exploiting a critical three-year-old Telerik bug to achieve remote code execution. The snafu happened between November 2022 and early January, according to a joint alert from the FBI, CISA, and America’s Multi-State Information ...