Recherche : [speculative]

'GhostRace' Speculative Execution Attack Impacts All CPU, OS Vendors https://www.darkreading.com/cyber-risk/ghostrace-speculative-execution-attack-cpu-os-vendors

18/03/2024 08:32:01

Like Spectre, the new exploit could give attackers a way to access sensitive information from system memory, and take other malicious actions.

iLeakage https://ileakage.com/

25/10/2023 23:45:04

We present iLeakage, a transient execution side channel targeting the Safari web browser present on Macs, iPads and iPhones. iLeakage shows that the Spectre attack is still relevant and exploitable, even after nearly 6 years of effort to mitigate it since its discovery. We show how an attacker can induce Safari to render an arbitrary webpage, subsequently recovering sensitive information present within it using speculative execution. In particular, we demonstrate how Safari allows a malicious webpage to recover secrets from popular high-value targets, such as Gmail inbox content. Finally, we demonstrate the recovery of passwords, in case these are autofilled by credential managers.

Hackers can force iOS and macOS browsers to divulge passwords and much more https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/

25/10/2023 20:34:57

iLeakage is practical and requires minimal resources. A patch isn't (yet) available.

BRANCH HISTORY INJECTION https://www.vusec.net/projects/bhi-spectre-bhb/?s=09

11/03/2022 10:09:52

On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks
BHI (or Spectre-BHB) is a revival of cross-privilege Spectre-v2 attacks on modern systems deploying in-hardware defenses. And we have a very neat end-to-end exploit leaking arbitrary kernel memory on modern Intel CPUs to prove it (PoC||GTFO right?).

Liens par page

Filtres