In cybersecurity, when you hear the word vulnerability, you know it’s not a good thing. Meanwhile, it can be scary if you learn that attackers are exploiting the vulnerability. In other news, it turns out that researchers can break confidential computing in some popular CPUs.
TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs
As a reminder, TEE means Trusted Execution Environment. It’s a secure area of a system. Now, what happened? The excerpt below has more details.
Researchers from Georgia Tech and Purdue University note that modern implementations of Intel SGX, Intel TDX, and AMD SEV-SNP are no longer as secure as advertised, …
In cybersecurity, when you hear the word vulnerability, you know it’s not a good thing. Meanwhile, it can be scary if you learn that attackers are exploiting the vulnerability. In other news, it turns out that researchers can break confidential computing in some popular CPUs.
TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs
As a reminder, TEE means Trusted Execution Environment. It’s a secure area of a system. Now, what happened? The excerpt below has more details.
Researchers from Georgia Tech and Purdue University note that modern implementations of Intel SGX, Intel TDX, and AMD SEV-SNP are no longer as secure as advertised, due to architectural trade-offs in recent generations.
Their experiments confirmed that it is possible to exploit these weaknesses for key extraction and attestation forgery. TEE.Fail is the first DDR5-based ciphertext attack, extending prior DDR4 work like WireTap and BatteringRAM.
Year-Old WordPress Plugin Flaws Exploited to Hack Websites
The flaws are over a year old at the time of writing. If anyone is affected, they have an older version of the plugin and they need to update immediately.
From the article:
GutenKit versions prior to 2.1.1 are affected by CVE-2024-9234, a missing capability check issue leading to arbitrary file uploads. The flaw allows attackers to install and activate arbitrary plugins or upload files masquerading as plugins.
Although the exploited vulnerabilities were patched over a year ago, they continue to represent attractive targets for threat actors, as the fresh campaign shows.
New “Brash” Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL
At the time of writing, if it’s a Chromium web browser, it’s vulnerable. Is there a fix yet? Not at the moment.
From the article:
At its core, Brash stems from the lack of rate limiting on “document.title” API updates, which, in turn, allows for bombarding millions of [document object model] mutations per second, causing the web browser to crash, as well as degrade system performance as a result of devoting CPU resources to this process.
Credits
Cover photo by Debby Hudson on Unsplash.
That’s it for this week, and I’ll see you next time.