Tag

Speculative Execution

All articles tagged with #speculative execution

technology2 years ago•3 min saved

iLeakage Attack: Safeguarding Your Emails and Passwords on Apple Devices

Researchers have developed a new speculative side-channel attack called iLeakage that can extract sensitive information from the Safari web browser on recent Apple devices. This attack bypasses standard side-channel protections implemented by browser vendors and can steal data from Safari, Firefox, Tor, and Edge on iOS. The researchers were able to defeat side-channel protections and bypass site isolation policies in Safari, allowing them to leak sensitive data such as passwords and emails. The attack impacts Apple devices powered by Apple's A-series and M-series ARM processors. Apple has developed mitigations for macOS, but the attack highlights the potential risks of speculative execution in emerging ARM-based platforms.

via BleepingComputer|

#apple #cybersecurity #ileakage

technology2 years ago•4 min saved

"Intel's Downfall: Critical Flaw Exposes Valuable Data and Encryption Keys in Generations of Chips"

Intel has disclosed a new processor vulnerability, dubbed Downfall, that affects several models of its chips dating back to 2015. The flaw allows attackers to bypass data isolation barriers and access valuable and sensitive information, including financial details, emails, and passwords. The vulnerability impacts the Skylake, Tiger Lake, and Ice Lake chip families, but Intel's current generation chips are not affected. Fixes are being released, but some enterprise users have the option to disable them due to potential performance impacts. The process of releasing fixes is complex and time-consuming, involving coordination with device manufacturers. The researcher who discovered the vulnerability emphasizes the need for faster response and improved detection systems.

via WIRED|

#data-security #downfall #intel