"Battering RAM involves planting a device called an interposer between the CPU and the DRAM memory. The interposer, which the researchers managed to build for only $50, is attached to the DIMM and can sit quietly to avoid detection. However, with the flip of a switch, the device can be enabled to silently redirect protected memory addresses to locations controlled by the attacker."
"They have now presented Battering RAM, which can bypass modern defenses delivered by Intel and AMD cloud processors. According to the researchers, the attack can break Intel SGX and AMD SEV-SNP confidential computing technologies that are widely used by cloud providers and designed to protect sensitive data even from malicious insiders and attackers who have access to the host system."
Battering RAM is a hardware attack that bypasses modern Intel and AMD confidential computing defenses, including Intel SGX and AMD SEV-SNP. The attack uses a low-cost interposer device inserted between the CPU and DRAM on a DIMM. The interposer can remain undetected by the operating system and boot-time protections, and can be enabled to silently redirect protected memory addresses to attacker-controlled locations, exposing plaintext memory and breaking attestation. The interposer can be built for tens of dollars and requires short-duration physical access to the target system, limiting remote applicability but posing risks in environments where attackers can reach hardware.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]