Yusuf On SecuritySecurity news, opinion and advice

AMD flaws

Researchers have found numerous flaws in Advanced Micro Devices better known as AMD. The firm behind the findings is CTS-Labs. The attacks work on popular motherboards such as Tyan, ASUS, ASRock, Gigabyte, Biostar who all used AMD.

The CPU manufacturer was given just 24 hours before all 13 flaws were made public. AMD was not amused and rightly so. Local administration right is required to exploit these vulnerabilities and “ most harmful in APT situations on enterprise networks”. Furthermore It is important to note that “the vulnerabilities described could give an attacker that has already gained initial foothold into one or more computers in the enterprise a significant advantage against IT and security teams”. You need to gain privileged foothold onto the machine in order to exploit these exposures.

[UPDATE 21-03-2018] AMD has issued a public statement on their blog.

Join the discussion

Further reading

What will it take?

A great piece on what it will take to improve the safety of the connected world. Read it here.

Extended detection and response (XDR)

Extended detection and response (XDR) captures threat data from previously isolated security tools throughout the organizations tech stack to enable...

Log4j Vulnerabilities

Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called...

Recent podcasts