-
Wondered why there is no CVE for
#NetSpectre? Intel believes the old CVEs still apply for#NetSpectre because they think "#NetSpectre is a local attack". See https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator … for a description of "local attack": "A vulnerability exploitable with Local access means thatPrikaži ovu nit -
The slides I will present at today’s
#frOSCon Keynote on#Spectre#Meltdown#TLBleed#NetSpectre#L1TF (aka#Foreshadow) and similar microprocessor microarchitecture vulnerabilities are now online. Simple as 1,2,3 (aka 123 slides in 1 hour): http://people.redhat.com/jcm/talks/frOSCon_2018.pdf … -
The slides of
@marv0x90 and my#BHASIA talk about#NetSpectre are now also online: https://misc0110.net/web/files/netspectre_blackhat_slides.pdf …pic.twitter.com/Y6bk5h1far
-
"Although the attack is innovative,
#NetSpectre also has its downsides. The biggest is the attack's woefully slow exfiltration speed, which is 15 bits/hour for attacks carried out via a network connection and targeting data stored in the CPU's cache." https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ … -
Intel just gave me permission to release the blog on the
#AVX Clock Speed Throttle#Spectre. So as promised, here it is - the way I intended to publish it back in June before#NetSpectre was announced: http://www.numberworld.org/blogs/2018_6_16_avx_spectre/ …https://twitter.com/Mysticial/status/1007884805026013184 …Prikaži ovu nit -
is it wrong I think #NetSpectre is sexier than the other variants?
pic.twitter.com/Q7EqH7cBtH -
Here is an excellent analysis of
#NetSpectre: https://www.redhat.com/en/blog/thoughts-netspectre … Really like the analysis, both of where it *does* matter, and where it matters less. -
Forget
#Spectre and welcome#NetSpectre by which an attacker can bombard the computer network ports to get the desired results. https://www.hackread.com/spectre-attack-variant-netspectre-extract-sensitive-data/ … -
Do you have questions about
#NetSpectre? Check out our article on the Customer Portal: https://red.ht/2LseSI6 -
This is amazing: People mounting
#NetSpectre attacks as part of classroom projects! https://github.com/Luna1996/WUSTL/blob/e8ea85badc1252e1ef3ac87653a4ad63848cf48f/571/Project/report/report.pdf … -
New
#NetSpectre steals data over the network. https://buff.ly/2Axq0P0#Spectre#malware#vulnerability#CPU#cyberattack#infosecpic.twitter.com/iJZehI9QKL
-
Live stream for my talk on
#Meltdown#Spectre#TLBleed#NetSpectre#L1TF (aka#Foreshadow), etc. Slides available here: http://people.redhat.com/jcm/talks/frOSCon_2018.pdf …#FrOSConhttps://twitter.com/froscon/status/1033666106282663936 … -
Verdict was always Reject with the reason along the lines of "As long as there's no
#NetSpectre gadget found exploitable in the wild in off-the-shelf software, this is a purely academic attack and we will reject it." (not a literal quote from reviews of course)Prikaži ovu nit -
New NetSpectre Attack Can Steal CPU Secrets via Network Connections https://www.bleepingcomputer.com/news/security/new-netspectre-attack-can-steal-cpu-secrets-via-network-connections/ …
#CPU#NetSpectre#security pic.twitter.com/QGhPuyPi7q
-
Tomorrow will be even more slides (over 100 in an hour) and cover all disclosed variants of
#Spectre#Meltdown#NetSpectre#TLBleed#Foreshadow#L1TF (and more) with how they work. Make sure you have coffee before you come.#frOSConhttps://twitter.com/dirkhaun/status/1033448426715967488 … -
I’m going to throw it out there and say I’m impressed by the
#NetSpectre research. Even if it is the slowest way ever to steal something.. -
"We demonstrate that using previously ignored gadgets allows breaking address-space layout randomization in a remote attack. Address-space layout randomization (ASLR)"
#NetSpectre
-
-
I expect the name
#NetSpectre to be all over the news tomorrow. Reading arbitrary memory over the network: https://misc0110.net/web/files/netspectre.pdf …#infosec#CyberSecurity#Spectre#speculativeexecution -
#NetSpectre Attack Could Enable Remote#CPU Exploitation http://bit.ly/2v6EIHm pic.twitter.com/ZTQhGtpkgm
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.