New speculative execution attack Retbleed impacts Intel and AMD CPUs

Read Time:37 Second

Researchers have discovered a new attack technique that exploits the speculative execution feature of modern CPUs to leak potentially sensitive information from the kernel’s memory. The attack circumvents some of the software defenses some operating systems put in place to prevent previous exploits of this nature.

The attack, dubbed Retbleed by researchers from Swiss university ETH Zurich, works against both Intel and AMD CPUs. On Intel it’s tracked as CVE-2022-29901 and impacts CPU generations 6, 7 and 8 although to different extents and depending on the mitigations used by the operating system. On AMD it’s tracked as CVE-2022-29900 and impacts AMD Zen 1, Zen 1+ and Zen 2 CPUs.

To read this article in full, please click here

Friday Squid Blogging: Squid Facts on Your Phone

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

SAP Fixes Critical Vulnerability After Evidence of Exploitation

M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input

Cryptocurrency Thefts Get Physical

US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures

Popular LLMs Found to Produce Vulnerable Code by Default

Hackers access sensitive SIM card data at South Korea’s largest telecoms company