Threat actors could compromise encrypted virtual machines and facilitate privilege escalation efforts through the new CacheWarp attack involving the exploitation of a vulnerability impacting AMD's Secure Encrypted Virtualization technology, tracked as CVE-2023-20592, according to The Hacker News.
While AMD's SEV-SNP technology, which integrates Secure Nested Paging, includes robust memory integrity defenses, such protections could be bypassed by CacheWarp by abusing the INVD instruction leveraged for removing cache content within a processor, a report from CISPA Helmholtz Center for Information Security and Graz University of Technology researchers revealed.
"The instruction 'INVD' drops all the modified content in the cache without writing them back to the memory. Hence, the attacker can drop any writes of guest VMs and the VM continues with architecturally stale data," said researcher Ruiyi Zhang, who added that the timewarp and dropforge attack primitives enabling code execution prior to recognizing an outdated return address from memory and data change resetting in guest VMs, respectively, could allow unlimited VM access.
Google announced at the Google I/O 2024 conference that several new security and privacy enhancements are set to roll out for Android, including on-device live threat detection for identifying malicious apps, improved safeguards for screen sharing, and enhanced security against cell site simulators, TechCrunch reports.
The botnet malware tracked as Ebury has steadily expanded over the past decade, having compromised over 400,000 hosts since 2009, with about 100,000 still-infected systems identified by the end of 2023, according to SecurityWeek.
The Department of Defense will evaluate the cybersecurity of mobile devices used by analysts and servicemembers as mandated in the draft text of the 2025 National Defense Authorization Act, Nextgov/FCW reports.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news