A newly discovered vulnerability in AMD chips allows malicious actors to perform remote code execution (RCE) and privilege escalation in virtual machines.
Cybersecurity researchers from the CISPA Helmholtz Center for Information Security in Germany detailed a vulnerability they named StackWarp, a hardware vulnerability in AMD CPUs that breaks the protections of confidential virtual machines, by manipulating how the processor tracks the stack, and letting a malicious insider or hypervisor change program flow or read sensitive data inside a protected VM.
Read more…
Source: Techradar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Microsoft: New Unpatched Bug in Windows Print Spooler
July 16, 2021
Another vulnerability separate from PrintNightmare allows for local elevation of privilege and system takeover. Microsoft has warned of yet another vulnerability that’s been discovered in its Windows Print Spooler that can allow attackers to elevate privilege to gain full user rights to a system. The advisory comes on the heels of patching two other remote code-execution ...
- Bug bounty platform urges need for firms to have vulnerability disclosure policy
July 16, 2021
Organisations should provide a proper channel through which anyone can report vulnerabilities in their systems. This will ensure potential security holes can be identified and plugged before they are exploited. Establishing a vulnerability disclosure policy (VDP) also would provide assurance to anyone, such as security researchers, acting in good faith that they would not face prosecution ...
- SonicWall releases urgent notice about ‘imminent’ ransomware targeting firmware
July 14, 2021
Networking device maker SonicWall sent out an urgent notice to its customers about “an imminent ransomware campaign using stolen credentials” that is targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life 8.x firmware. In addition to the notice posted to its website, SonicWall sent an email to anyone ...
- CISA Issues Emergency Directive Requiring Federal Agencies To Mitigate Windows Print Spooler Service Vulnerability
July 13, 2021
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 21-04 today to mitigate a Microsoft Windows print spooler service vulnerability CVE-2021-34527 being actively exploited. Federal civilian agencies are required to immediately disable the print spooler service on Microsoft Active Directory Domain Controllers, apply the Microsoft July 2021 cumulative updates, and make ...
- The Underground Exploit Market and the Importance of Virtual Patching
July 13, 2021
Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground. We detail our findings in our research paper “The Rise and Imminent Fall ...
- Modipwn: code execution vulnerability discovered in Schneider Electric Modicon PLCs
July 13, 2021
A vulnerability discovered in Schneider Electric (SE) Modicon programmable logic controllers (PLCs) allows full takeover of the industrial chips. Discovered by Armis researchers, the vulnerability can be used to bypass existing security mechanisms in PLCs to hijack the devices and potentially impact wider industrial setups. The authentication bypass vulnerability, dubbed Modipwn, has been assigned as CVE-2021-22779. Read ...