#amd-sev-snp

[ follow ]
#stackwarp #smt-side-channel #virtualization-security #microsoft-patch-tuesday #cve #privilege-escalation
Information security
fromTheregister
2 weeks ago

Flipping one bit leaves AMD CPUs open to VM vuln

StackWarp lets hypervisor-side attackers manipulate stack pointers in AMD SEV-SNP guests via an SMT microarchitecture flaw, exposing secrets, enabling key recovery and privilege escalation.
fromTheregister
3 months ago

Microsoft frightful Patch Tuesday: 175+ CVEs, 3 under attack

Spooky season is in full swing, and this extends to Microsoft's October Patch Tuesday with security updates for a frightful 175 Microsoft vulnerabilities, plus an additional 21 non-Microsoft CVEs. And even scarier than the sheer number of bugs: three are listed as under attack, with three others publicly known, and 17 deemed critical security holes. Let's start with the flaws that attackers already found and exploited before Redmond pushed patches.
Information security
Information security
fromThe Hacker News
4 months ago

$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

A low-cost DDR4 interposer enables attackers to bypass Intel SGX and AMD SEV-SNP memory encryption, exposing confidential cloud workloads to plaintext read/write.
[ Load more ]