Downfall Attack Enables Extraction of Passwords and Encryption

0
[ad_1]

Gather Data Sampling (GDS) impacts select Intel CPUs, enabling attackers to deduce outdated data through malicious use of gather instructions. While all these entries link to the prior thread or sibling core registers.

Like MDS, GDS (Gather Data Sampling) enables local code execution to reveal protected secret data. GDS is different from MDS as it exposes only stale vector register data through specific gathering instructions, lacking user choice in suspected data.

Cybersecurity researcher Daniel Moghimi at Google recently crafted a ‘Downfall’ CPU attack that enables threat actors to extract the following data from Intel chips shared by users:- 

  • Passwords
  • Keys
  • Emails
  • Banking

Cybersecurity researchers tracked this vulnerability as CVE-2022-40982, and this flaw affects the Skylake to Ice Lake chips from Intel with transient execution side-channel issues.

Flaw profile

  • CVE ID: CVE-2022-40982
  • Description: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to enable information disclosure via local access potentially.
  • CVSS Base Score: 6.5
  • Severity: MEDIUM
  • CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Technical analysis

By exploiting this vulnerability, a threat actor can easily retrieve the protected sensitive data through Intel’s SGX, which segregates the code and memory.

Besides this, the SGX exclusively aids the server CPUs which enables it to establish a secure enclave that is inaccessible even by the OS itself.

Moreover, Daniel Moghimi revealed the exploitative nature of Downfall, under which this flaw exploits the gathered instructions for a speculative leak of vector register content.

Moghimi seized AES keys through GDS across VMs, even from cores’ sibling threads. In under 10s, 8 bytes at a time, the researcher fused stolen AES round keys to crack encryption.

However, apart from this, the researcher leveraged the undisclosed techniques in this scenario on powerful CPUs to breach data barriers between:-

  • User-kernel
  • Processes
  • VMs
  • Secure execution domains

Failed tries prompted repeated attacks, as the master key data was infrequent within 10 seconds. Moghimi offers diverse GDS attacks, snatching varied data due to specific SIMD buffer conditions.

Affected CPU families

Downfall needs attacker presence on the victim’s physical core, facilitated by current shared computing.

Local malware might exploit it, and besides this, Intel already acknowledged the flaw with Moghimi in August, issuing a microcode fix.

Vulnerability remained undisclosed for nearly a year, allowing OEMs and CSPs to validate fixes.

But, Intel affirms that Alder Lake, Raptor Lake, and Sapphire Rapids series were not affected, as the Downfall affects the following CPU families:-

  • Skylake
  • Cascade Lake
  • Cooper Lake
  • Amber Lake
  • Kaby Lake
  • Coffee Lake
  • Whiskey Lake
  • Comet Lake
  • Tiger Lake family
  • Ice Lake
  • Rocket Lake

In this case, to leak data, Daniel Moghimi exploited the REDACTED on high-performance REDACTED CPUs by breaching the user-kernel boundaries across systems.

Recommendations

Here below, we have mentioned all the recommendations from Intel:-

  • For enhanced security, Intel advises users of affected processors to install the latest firmware from their system manufacturer.
  • Intel suggests SGX users update platform flash microcode via firmware interface table.
  • Intel’s new microcode update prevents the attackers from observing gather instruction results.
  • To counter this flaw, an SGX TCB recovery is in the works.
  • Non-Intel (SGX) systems can apply microcode fixes via OS loading.

Keep informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.


[ad_2]
Source link

Samsung shares official Galaxy Tab S9 series unboxing video

0
[ad_1]

In addition to the Galaxy Z Fold 5, Galaxy Z Flip 5, and Galaxy Watch 6 series unboxing videos, Samsung also shared one of its new tablets. The Galaxy Tab S9 series unboxing video is now live, and it has a duration of around a minute and a half.

Samsung’s Galaxy Tab S9 series unboxing video is now live

In the video, Samsung unboxes the Galaxy Tab S9 Ultra only, but the unboxing experience is the same for all three, basically. Also, all three tablets get shown in the video, along with some of their features.

Speaking of which, Samsung announced three tablets during its recent event. The Galaxy Tab S9 Ultra got announced alongside the Galaxy Tab S9 and Galaxy Tab S9+.

If you end up watching the video, you’ll realize that an S Pen is included in the package. Samsung also includes a Type-C to Type-C USB cable for charging, a SIM ejector tool, and a quick start guide.

A charger is not included in the box, but an S Pen is

You’ll notice that a charger is not included in the mix. That is to be expected from the company these days, though. Samsung does not include a charger alongside its phones and tablets, much like Apple and Google.

The company also demonstrates that you’ll be charging the S Pen on the back of these tablets. There’s a magnetic charging strip included back there, and it’s really easy to spot.

All three tablets are IP68 certified for water and dust resistance, while all of them also include quad speakers tuned by AKG. Out of these three tablets, the Galaxy Tab S9 Ultra is the largest. It includes a 14.6-inch panel, compared to 12.4 and 11-inch displays on the other two models.

Each tablet also includes an in-display fingerprint scanner, and supports 45W wired charging. Bluetooth 5.3 is also supported, while the Snapdragon 8 Gen 2 for Galaxy fuels all of them.


[ad_2]
Source link

Bally Sports NBA games could be coming to Apple TV+

0
[ad_1]

It’s no secret that Bally Sports and its parent-company, Diamond Sports Group, has been having trouble paying its bills lately. In fact, it has already dropped a number of team rights, and is currently in bankruptcy court. While suitors have been lining up to take advantage of this situation.

We had heard that Scripps was looking to pick up the local sports rights in a number of markets and put the games on free, local TV. Now, it is looking like Apple TV+ might be interested in picking up the local NBA TV rights. If Apple TV+ does pick up local sports, it could turn into a pretty major player in the streaming war. Since it does already have the MLS Season Pass, as well as MLB Friday Night Baseball.

Apple’s not alone, however, as Amazon, Disney and YouTube are also interested in these rights.

Streamers are really only interested if they could get a “critical mass of teams”

It’s said that these streamers are really only interested in securing the rights, if they can obtain a “critical mass of teams”. Which makes sense. Getting a single team or even two teams, isn’t going to bring in a lot of subscribers. Especially if Apple TV+ has to keep the same requirements that Bally Sports currently has. Where you need to be in the local area to watch the games. But if Apple could secure say, 15-20 of the teams rights, then it is a lot more worthwhile for the company to spend that money.

Apple has been named in a lot of discussions for sports as of late. Including the Pac-12, Germany’s Bundesliga and the English premier League. So it’s quite clear that Apple is looking to add more and more sports content to TV+. Making it a more viable streaming service. Currently, Apple TV+ is about $6.99 per month and offers some really great content, however the library is not large. They’ve been going for quality over quantity here. And adding sports in, would make more people spend more time on the service.


[ad_2]
Source link

Gmail update brings translation to mobile devices

0
[ad_1]

Google has just announced one small change coming to Gmail in the coming days. Starting today, Gmail users will be able to translate emails on their phones without having to leave the app.

Up until today, this was only possible in Gmail on the web, which supports translation to and from over 100 languages. The latest Gmail update adds a native translation integration within the mobile app, which will allow users to communicate in a wide range of languages quicker and easier.

One of many highly requested features, the ability to translate emails on a phone is rolling out to all Gmail users. After receiving the update, a new dismissible banner will pop up when the content language of a message is different from the “Google.com Mail display language” in your account settings.

Alternatively, Gmail users can choose to have the app always translate or never translate specific languages. In order to translate a message, simply click the “Translate” option at the top of the email.

Those who dismiss the translation option will get it again the next time the content language of an email doesn’t match the set “Google.com Mail display language.” Of course, the native translation integration within the mobile app comes with the option to turn it off, which means you’ll never get the banner for a specific language.

To turn off the setting you’ll have to accept the “Don’t translate [language] again” that appears when you dismiss the banner, or by selecting “Don’t translate [language] again” from the translation settings menu. Regardless of whether or not you have translations turned off, you can manually translate a message through the three dot menu.

According to Google, Android users should start seeing the new feature today, August 8, but the rollout might take up to 15 days. On the other hand, iOS users will be able to translate their emails on their devices starting August 21.


[ad_2]
Source link

Google plans to use under-display cameras in Pixel phones: Patent

0
[ad_1]

It seems like Google has plans to use under-display cameras on its Pixel phones. Some smartphone OEMs already do that, but based on a new patent, Google may have a better way.

As many of you know, under-display cameras are usually not that good. The images and video they can capture are often washed out, and have that web camera effect as a result.

Google plans to use under-display camera in Pixel phones

Based on the patent that Google filed with the European Patent Office, things may change. The patent is titled “System and Apparatus of Under-Display Camera”.

Google under display camera patent application

So, how is Google planning to do this? Well, the company has seemingly come up with a way that would allow enough light to get to that under-display camera, while keeping it hidden.

The company seemingly plans to use two parts of the display to block or distort the light as it passes through the screen. Google claims this can be done by placing a layer of light-blocking material with different shapes and patterns between the display and the camera.

That way, one layer would be placed under each of the two aforementioned regions. One of the sensors would be used for color images, while the other for monochrome ones. Each of those light-blocking materials we’ve mentioned would be designed to work with the included sensors in particular.

Machine learning would play an important role here

Machine learning would play a huge role in blending captured information into the final product. Google often relies on it, so this wouldn’t exactly be surprising. The company’s camera processing is well-known in the tech world.

Do note that this is just a patent at this point. No, we won’t get this tech with the Pixel 8 series, but we do expect it at some point in the future. If we can get rid of display camera holes, and get good selfie cameras at the same time, why not?


[ad_2]
Source link

Meta faces new legal hurdles in Europe: Norway imposes $97,700 daily fine

0
[ad_1]

Social media platforms have faced issues with European laws many times, particularly regarding data privacy and tracking. Recently, TikTok had to change its privacy rules to match the new Digital Service Act (DSA). Some time ago, Meta got hit with a $423 million fine from Ireland’s Data Protection Commission, which made the tech company allow EU users to turn off ad tracking (at least on paper.)Now, Meta is facing legal troubles again in Europe, this time in Norway. According to Reuters, starting from August 14, Meta will be fined $97,700 per day for privacy breaches. The fine comes from the Norwegian data regulator, Datatilsynet, and will be in effect until November 3.

With the timeframe and amount of money at stake, the fine might be a challenge, even for a tech giant like Meta. As a result, Meta is reaching out to a court in Norway, seeking to put a stop to the fine. A petition for a temporary injunction against the order will be put forth on August 22 during a two-day hearing. Whether the court leans in favor of Meta or not is still up in the air.

Datatilsynet says that Meta can’t gather users’ data in Norway, like their physical locations, and then use it to aim ads at them, which is known as behavioral advertising. Behavioral advertising is a strategy that tailors online ads to users based on their web activity and interests. It uses data analysis to create personalized ads for better engagement but also raises privacy concerns about user data usage.

The regulator also dangles the possibility of turning the fine into a long-term fixture by passing its judgment to the European Data Protection Board, which has the authority to take such action if it aligns with the Norwegian regulator’s stance. If the board backs this move, it could imply that the decision starts to have an impact across all of Europe.

Back in May of this year, the EU slapped Meta with a whopping $1.3 billion fine for breaching privacy rules. It appears that European lawmakers aren’t exactly aiming to be gentle with the big tech giant.


[ad_2]
Source link

One of Galaxy S24 Ultra cameras gets confirmed by trusted source

0
[ad_1]

A trusted source has just confirmed one of Samsung Galaxy S24 Ultra cameras. This information comes from Ice Universe, who shared the info via Twitter. He talked about the telephoto camera on the device.

One of Galaxy S24 Ultra cameras gets confirmed early

Ice Universe says that Samsung plans to use a 50MP telephoto camera, with 3x optical zoom. As a reminder, the Galaxy S23 Ultra has a 10-megapixel telephoto camera with 3x optical zoom.

That is basically all the info he shared this time around. We presume that the Galaxy S24 Ultra will include four cameras on the back, though, just like its predecessor. This telephoto camera will be just one of two telephoto cameras back there.

The other camera will be the periscope telephoto camera with more zoom prowess. The one on the Galaxy S23 Ultra offers 10x optical zoom, and it’s possible that will transfer to the Galaxy S24 Ultra too.

The other two cameras will be the main one (wide-angle one), which is expected to be the same 200MP one used on the S23 Ultra. In regards to the fourth camera, it will likely be an ultrawide one, but we still don’t know the details.

The device will launch in the first quarter of next year

Samsung will almost certainly announce the Galaxy S24 Ultra in the first quarter of next year. The Galaxy S24 and Galaxy S24+ are also expected to arrive alongside the ‘Ultra’ model.

Rumors regarding all three phones are popping up already, though things could change by the time they launch. It’s still quite early for details regarding those devices. We’re sure plenty more info will surface in the coming months, though, as it’s usually the case when it comes to Samsung’s Galaxy S series.

Some rumors even claim that Samsung plans for an Exynos SoC comeback, so some Galaxy S24 models could include it (in some regions). We’ll see.


[ad_2]
Source link

Check out how thin the iPhone 15 Pro bezels will be

0
[ad_1]

It’s not exactly a secret that the iPhone 15 Pro will feature very thin bezels. In fact, based on the information from several sources, those will be the thinnest bezels on any smartphone, at least until the Xiaomi 14 Pro comes knocking.

Take a look at how thin the iPhone 15 Pro bezels will be

Having said that, 9to5Mac shared some renders of the phone that show us those bezels. The publication collaborated with Mark Gurman for this info. They even get compared to some other iPhones in the images we’ll be checking out there. That way, you’ll get a better idea as to how thin those bezels truly are.

The bezels on the iPhone 15 Pro and iPhone 15 Pro Max will be equally thin, though they are shrinking by 30% compared to their predecessors. They will measure 1.5mm, and that goes for all bezels, as they will be uniform.

The iPhone 15 Pro poses next to its predecessors

If you check out the image below, you’ll see those bezels compared to the ones on the iPhone 14 Pro, iPhone 12 Pro, and iPhone 11 Pro. You can clearly see that the bezels are shrinking constantly, and the difference between the iPhone 11 Pro and iPhone 15 Pro is huge.

iPhone 15 Pro bezels vs several iPhones

Now, there are three additional images included in the gallery below. Those images show us the iPhone 15 Pro next to the iPhone 11 Pro, iPhone 14 Pro, and iPhone 14 Pro Max.

Now, as far as Dynamic Island goes, it will be the same size as last year. You’ll still get a rather noticeable pill-shaped cutout at the top of the display. That’s where the facial scanning tech lies, the phone’s front-facing camera, and sensors too. That’s partially what allows Apple to shrink those bezels so much.

All iPhone 15 models will offer a Type-C USB port

The entire iPhone 15 series will feature Type-C ports this year. Those will actually be the first iPhones to do so. All of them will also have a Dynamic Island on the display, and the ‘Pro’ iPhones are said to offer a titanium frame too.

Apple’s new handsets will become official in either September or October, it all depends on who you choose to believe. The most reliable sources claim it will happen in September, though, as expected.


[ad_2]
Source link

Spotify brings its AI-powered DJ feature to 50 markets

0
[ad_1]

The number one music streaming service in the United States, Spotify, has just announced that it’s bringing the AI-powered DJ feature to 50 new markets around the world. Originally introduced back in February in the United States and Canada, DJ was then made available to Spotify users in the UK and Ireland sometime in May.Today, Spotify confirmed that it’s rolling out DJ in beta to 50 markets. Premium users in select markets in Europe, Asia, and Africa, as well as those in Australia and New Zealand, will now be able to access DJ in the English version of the app.

As of August 8, 2023, here are the markets where the AI-powered DJ feature is available for Premium users: Antigua, Australia, Bahamas, Barbados, Barbuda, Belize, Botswana, Burundi, Canada, Dominica, Eswatini, Fiji, Gambia, Ghana, Grenada, Guyana, Ireland, Jamaica, Kenya, Kiribati, Lesotho, Liberia, Malawi, Malta, Marshall Islands, Namibia, Nauru, New Zealand, Nigeria, Pakistan, Palau, Papua New Guinea, Philippines, Rwanda, Saint Kitts and Nevis, Saint Lucia, Saint Vincent and the Grenadines, Samoa, Sierra Leone, Singapore, Solomon Islands, South Africa, Sweden, Tanzania, Tonga, Uganda, United Kingdom, United States, Vanuatu, Zambia, and Zimbabwe.

Spotify’s DJ combines the service’ personalization technology, generative AI, and a dynamic AI voice, providing users with the option to hear commentary in English and get recommendations that fit their tastes.

According to Spotify, when DJ listeners hear commentary alongside personal music recommendations, they’re more willing to try something new or listen to a song they may have otherwise skipped.

To access your personal DJ, you must have Spotify Premium, open the mobile app on iOS or Android, head to the Music feed on Home, and tap DJ. Alternatively, the feature can be accessed from the Made for You hub within the Search tab.


[ad_2]
Source link

Microsoft Fixes 2 Office Zero-Days

0
[ad_1]
Microsoft Fixes 2 Office Zero-Days

Microsoft fixed 74 security issues in its August Patch Tuesday release, including two that were being actively exploited and twenty-three that allowed remote code execution.

Although twenty-three RCE flaws were addressed, Microsoft only categorized six of them as ‘Critical,’ and 67 have a severity rating of ‘Important.’

Flaws In Each Type Of Vulnerability

  • 18 Elevation of Privilege vulnerabilities
  • 3 Security Feature Bypass vulnerabilities
  • 23 Remote Code Execution vulnerabilities
  • 10 Information Disclosure vulnerabilities
  • 8 Denial of Service vulnerabilities
  • 12 Spoofing vulnerabilities

Twelve vulnerabilities in Microsoft Edge (Chromium) that were addressed earlier this month are not included in the data.

Two Vulnerabilities Actively Exploited In The Wild

A vulnerability is considered a zero-day by Microsoft if it has been made public or is being actively used without an official fix.

Patch Tuesday this month addresses two zero-day vulnerabilities:

ADV230003 – Microsoft Office Defense in Depth Update (publicly disclosed):

To address a patch bypass of the previously mitigated and actively used CVE-2023-36884 remote code execution vulnerability, Microsoft has published an Office Defence in Depth update.

The Mark of the Web (MoTW) security feature might be bypassed by threat actors by employing specially crafted Microsoft Office documents.

This would allow files to be opened without showing a security warning and would allow remote code execution.

“An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file.” reads the advisory published by Microsoft.

The RomCom hacker group, which had been known to use the Industrial Spy ransomware in attacks, actively exploited the vulnerability.

Since then, the ransomware operation has changed its name to “Underground,” under which it still extorts people. Paul Rascagneres and Tom Lancaster used Volexity to find the cause of the issue.

CVE-2023-38180 – .NET and Visual Studio Denial of Service Vulnerability

An actively exploited vulnerability that might lead to a DoS attack on Visual Studio and .NET applications has been addressed by Microsoft.

Unfortunately, Microsoft did not identify who found the vulnerability or provide any other information on how this bug was applied in attacks.

Additionally, three problems with Microsoft Message Queuing Remote Code Execution listed as CVE-2023-35385/36910/36911 (CVSS of 9.8) are among the most severe vulnerabilities that Microsoft has patched.

On a vulnerable server at the level of the Message Queuing service, a remote anonymous attacker can cause the vulnerability to execute malicious code.

The full list of vulnerabilities released by Microsoft for August 2023 is available here.

Keep informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.


[ad_2]
Source link