![]() ![]() Zombieload attacks exploit a vulnerability that exists when checking permissions on data access, and can still be exploited via what is known as hyperthreading. The bad news is that in testing the SCFirefox framework, the researchers were able to model the first so-called zombieload attack using the browser. This allows us to better assess risks and take appropriate countermeasures more quickly." They allow us to quickly prototype attacks that help us understand how attacks work. "The frameworks make it easier for us to test which attacks are feasible. Michael Schwarz, who was also involved in the discovery of Spectre and Meltdown, co-developed the frameworks. This work will be made much easier in the future by libtea and SCFirefox. Until now, this has often required lengthy research and analysis efforts. Fortunately, such attacks have hardly been suitable for mass use to date however, the complexity of the attacks also makes it difficult for cybersecurity researchers and IT security experts in companies to find possible attack variants and develop effective countermeasures. "Most of the attack variants, which have sounding names like Spectre, Meltdown, or Zombieload, are complicated to execute and require some know-how," explains CISPA faculty member Dr. In 2018, it became known that vulnerabilities in widely used Intel and AMD processors allow attackers to read data, some of it sensitive, from memory. CPU attacks have been a hotly debated topic in IT security research for about three years. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |