Search This Blog

Showing posts with label Intel. Show all posts

Black code: Two critical vulnerabilities found in Intel processors

Two new vulnerabilities have been found in Intel processors. They are undocumented capabilities of the manufacturer that allow hijacking control over the device. Access to them opens in a special mode that in most cases only Intel engineers have access to. However, in some scenarios it can also be activated by hackers. Information security experts suggest that these options may be present in all current Intel processors and see them as a major potential threat.

According to Positive Technologies experts Mark Yermolov and Dmitry Sklyarov, there are two undocumented instructions in Intel processors that allow modification of the microcode and gain control over the processor and the entire system.

"The discovered instructions allow bypassing all existing x86 architecture protection mechanisms in modern processors," said Yermolov.

The experts specified that the features found are in Intel's Atom processor family, which has been updated since 2011 to the present day.

"In theory, the vulnerabilities found can be exploited by any attacker who has the necessary information", Alexander Bulatov, Commercial Director of RuSIEM, told the publication.

In this case, the hacker would get a whole set of opportunities to control the compromised system.

“This can be either the simplest forced shutdown of the device, or flashing the processor with microcode that secretly performs certain tasks of the attacker,” explained Bulatov.

According to Yermolov, instructions can be activated remotely only in a special mode of operation of processors Red Unlock, which only Intel engineers should have access to. As Positive Technologies noted, some processors have vulnerabilities that allow third parties to enable Red Unlock mode as well.

Intel's press office said it takes Positive Technologies' research seriously and is carefully reviewing their claims.

The vulnerabilities found are potentially dangerous for users of devices based on the Intel Atom family. These are low-power processors mainly used in netbooks, tablets, POS terminals and POS machines.


Data Breach: Chipmaker Intel Shares Fall by 9%

 

The stock of Intel Corp was rallied to close in the last minutes of Thursday 21st January 2021 after the unlikely announcement of quarterly results by the chipmaker at the end of the day, but the stock was reversed in prolonged trading as the firm dealt with long-term plans.

The Intel Corp. chip maker made an administrative mistake on Friday with a data breach – which led to a quarterly profits study being released early with a fall in shares as much as 9%. Intel further added that its corporate network was not affected. The Chief Financial Officer of the firm, George Davis, had earlier stated that “Intel had released its results ahead of the closing of the stock market on Thursday, claiming that the hacker had taken financially valuable information from the site.” 

The quarterly reports of the firm were initially expected to be released hours later after the end of the Wall Street market on Thursday. “Once we became aware of these reports, we made the decision to issue our earning announcement a brief time before the originally scheduled release time”, as per a statement by American computer chip corporation. “An infographic was hacked of our PR newsroom site,” disclosed Davis. The company is reviewing claims that one graph from its earnings report may have gained unauthorized entry. 

Intel further added that “the URL of our earnings infographic was inadvertently made publicly accessible before the publication of our earnings and accessed by third parties. Once we became aware of the situation, we promptly issued our earnings announcement. Intel's network was not compromised, and we have adjusted our process to prevent this in the future.”

The performance of Intel for the fourth quarter met the aspirations of analysts and dismissed the company's estimate of high PC revenues. The chipmaker saw a trimestral decline of 1% to $20 billion annually, but he still defeated Refinitiv's $17.49 billion forecasts by analysts. Net earnings were $1.52 per share for the year, relative to an estimated $1.10. 

At $62.46 following the release of holiday sales and a forecast that beats expectations, but slowed almost 4 percent after hours, Intel INTC's -9.29 percent share came to an end of 6.5 percent. The business studies claim that a graphic in its profits has been stolen and pressured to reveal the figures early.

Computing Giant Intel Launches New Processors with Ransomware Detection Features

 

One of the biggest computing giants of the world – Intel has utilized the power of technology and has launched four new series of processors in the Consumer Electronics Show 2021. They affirmed the users that these processors would offer a “Premium PC experience” that would also provide some additional and distinct features. 

Intel is known for its products that are apropos for this era devoted to technology. The digitalization of things is accelerating at an incredible pace. The base of this technology is persuasive computing that gave Intel the idea to build up a processor that has the best features to date in the market. Of the four series launched, one of them is the vPro series. It goes by the name Intel 11th Gen Core vPro series. 

Intel at the launch added that its 11th Gen Core vPro line offers the best performance in a thin a light form factor. It comes with added security features like the Intel Hardware Shield which as per the company is the industry’s first silicon-based AI threat detection to prevent ransomware and crypto-mining attacks. The company says that the Intel Control-Flow Enforcement technology shuts down an entire class of attacks. The new CPU also promises better battery performance.

Intel further announced its partnership with Boston-based Cybereason security firm. This partnership is expected to provide advanced security and support for the announced new features and its security software in the first half of 2021.

The special features that come with the vPro series are the HS (Hardware Shield) technology and the TDT (Threat Detection Technology). These come underneath the various protective antivirus layers of the software that enables the hardware to stay protected from any ransomware attacks. Another accentuate part is that both of the technologies perform on the CPU directly. 

The main intention of Intel behind adding such features is that these technologies allow it to share its data with proper security of the software and allowing it to detect if any malware had entered the software. The malwares that were unnoticed and were not detected by the antivirus will now be sensed by the new features. 

While declaring that “it detects ransomware and other threats that leave a footprint on the Intel CPU performance monitoring unit”, Intel stated in the press release,” Intel TDT uses a combination of CPU telemetry and ML heuristics to detect attack-behavior”

Spectre Rises Yet Again With a Vulnerability In Tow


Spectre ,a class of vulnerabilities in the theoretical execution mechanism utilized in present day modern processor chips, is indeed living up to its name by ending up being unkillable.

In the midst of a progression of alleviations proposed by Intel, Google and others, the on-going claims by Dartmouth computer scientists to have comprehended Spectre variation 1, and a proposed chip configuration fix called Safespec, new variations and sub-variations continue showing up.

The discoveries likewise restore questions about whether the present and past chip plans can ever be really fixed. Just two weeks back, new data-stealing exploits named Ghost 1.1 and 1.2 were made public by specialists Vladimir Kiriansky and Carl Waldspurger. 


Presently there's another called SpectreRSB that endeavors the return stack buffer (RSB), a framework in the current modern CPUs utilized to help anticipate the return addresses, rather than the branch predictor unit.

In a paper titled Spectre Returns! Speculation Attacks utilizing the Return Stack Buffer , circulated through pre-print server ArXiv, boffins Esmaeil Mohammadian Koruyeh, Khaled Khasawneh, Chengyu Tune, and Nael Abu-Ghazaleh detail another class of Spectre Attack that accomplished the similar from Spectre variation 1 – enabling pernicious programming software to take passwords, keys, and other sensitive data, from memory it shouldn't be permitted to contact.

These specialists by coincidence, are among the individuals who built up the SafeSpec mitigation in the first place.

The most recent data-theft burglary system includes constraining the processor to misspeculate utilizing the RSB. Utilizing a call direction on x86, SpectreRSB enables an attacker to push an incentive to the RSB with the goal that the return address for the call guideline never again coordinates with the contents of the RSB.

The paper, dated July 20, plots the steps associated with the SpectreRSB attack, which itself has six variations:         

"(1) after a context switch to the attacker, s/he flushes shared address entries (for flush reload). The attacker also pollutes the RSB with the target address of a payload gadget in the victim’s address space; (2) the attacker yields the CPU to the victim; (3) The victim eventually executes a return, causing speculative execution at the address on the RSB that was injected by the attacker. Steps 4 and 5 switch back to the attacker to measure the leakage."

Leak Reveals Surprise 5GHz Intel Core i7-8086K Anniversary Processor


Intel was going to release one of its fastest ever processors on the occasion of the 40th anniversary of its 8086 processor but the circumstances changed so much that the surprise super-fast processor - the Core i7-8086K processor that had  been rumoured for a couple of months, had been revealed by online retailer listings gathered by Videocardz.

On the 30th of May, retailers were found online that were advertising the special processor with a speeds of 4 GHz and 5 GHz.

The core and thread count and indeed the L3 cache amount of 12MB matche that of Intel's existing Core i7-8700K, which has a maximum speed of 4.7GHz.


While the product listing at Merlion has been taken down, the product page was still available at Connection.com as of the morning of 31st of May and had just recently been taken down. The Connection.com page had listed the CPU as having a manufacturer part number of BX80684I78086K.

While the 8086 processor was released in 1978 and lead to the highly successful x86 architecture, it's not the first time that Intel has launched an anniversary edition CPU either.

The 5 GHz edition was currently being priced at $489.83 on Connection.com, which is approximately $140 more than then Intel Core i7-8700K, which has base speed of 3.70 GHz and can be pushed up to 4.70 GHz.



Although it is not known for sure when these CPUs will be available but according to the original image at VideoCardz it appears that they are slated to be available for order starting on June 8th 2018 and shipping on June 12th 2018.