Intel Alder Lake BIOS code leak may contain vital secrets

Source code for the BIOS used with Intel’s 12th-gen Core processors has been leaked online, possibly including details of undocumented model-specific registers (MSRs) and even the private signing key for Intel’s Boot Guard security technology. The source code was apparently Read More …

ADATA denies RansomHouse cyberattack, says leaked data from 2021 breach

Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting stolen files on their data leak site. The RansomHouse gang added ADATA files to their data leak site on Tuesday, claiming they stole 1TB Read More …

APIC fail: Intel ‘Sunny Cove’ chips with SGX spill secrets

A group of computer scientists has identified an architectural error in certain recent Intel CPUs that can be abused to expose SGX enclave data like private encryption keys. They call it ÆPIC Leak because it affects the memory-mapped registers of Read More …

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

Rootkits are malware implants which burrow themselves in the deepest corners of the operating system. Although on paper they may seem attractive to attackers, creating them poses significant technical challenges and the slightest programming error has the potential to completely Read More …

AMD targeted by RansomHouse, cybercrims claim to have ‘450Gb’ in stolen data

If claims hold true, AMD has been targeted by the extortion group RansomHouse, which says it is sitting on a trove of data stolen from the processor designer following an alleged security breach earlier this year. RansomHouse says it obtained Read More …

A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys

Microprocessors from Intel, AMD, and other companies contain a newly discovered weakness that remote attackers can exploit to obtain cryptographic keys and other secret data traveling through the hardware, researchers said on Tuesday. Hardware manufacturers have long known that hackers Read More …

Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver

Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an attacker to corrupt memory and write arbitrary memory on the card. NVIDIA graphics drivers are software for NVIDIA Graphics GPU cards that Read More …