Æpic leak: architectural bug in intel cpus exposes protected data
There are reports that threat actors may leverage the new ÆPIC Leak, aka AEPIC, an attack against Intel processors to expose sensitive information.
According to Security Week:
“The researchers who identified this attack method have been involved in the discovery of several side-channel techniques affecting various processors, including the notorious Meltdown and Spectre attacks and their variants.
However, the researchers pointed out that unlike Meltdown and Spectre, which are transient execution attacks, AEPIC Leak exists due to an architectural bug, which leads to the disclosure of sensitive data without leveraging any side channel. They described it as “the first CPU bug able to architecturally disclose sensitive data.””
It looks like the name ÆPIC is a pun on words; APIC (Advanced Programmable Interrupt Controller) and “Epic” (as in, whoa, that was epic). Thanks to delta-sierra_426 for pointing this article out.
Learn more about the ÆPIC Leak at Security Week.
New Vulnerability Affects All AMD Zen CPUs: Threading May Need to Be Disabled
Unfortunately, Intel is not the only one in the news. A new CPU vulnerability dubbed “SQUIP, short for Scheduler Queue Usage via Interference Probing, has been discovered. AMD Zen-based Ryzen chips, among others, have been found vulnerable to this new security flaw.
According to Tom’s Hardware:
“But AMD’s implementation of SMT appears to be vulnerable to the so-called SQUIP side-channel attack that can reveal a 4096-bit RSA key fairly quickly.
All of AMD’s Zen microarchitectures have separate scheduler queues per execution unit (so do Apple’s M1-series CPUs). Each of these schedulers maintains separate queues from where the μops are issued for the corresponding execution units. AMD’s scheduler with SMT enabled introduces interferences across workloads, which opens doors to observe scheduler queue contention via performance counters and unserialized timer reads across sibling threads on the same core.
Thanks to delta-sierra_426 for pointing out this issue, as well.
Learn more about SQUIP chip vulnerability at Tom’s Hardware.
Updates to recent stories
Before we jump into the next section, I just wanted to point out these two updates to recent stories.
Bright fireball over madrid traced back to comet of origin
A fireball spotted over Madrid on July 31st has had its astronomical ancestry unearthed as a fragment that began as part of Comet 169P/NEAT, which is responsible for the annual Alpha Capricornids meteor shower.
Cisco admits corporate network compromised by gang with links to lapsus$
This one has definitely been making the rounds today, but in case you haven’t heard about it yet, Cisco may have been hacked and had almost 2.8GB of data stolen. Luckily, it does sound like it was non-sensitive data.
According to The Register:
“Cisco disclosed on Wednesday that its corporate network was accessed by cyber-criminals in May after an employee’s personal Google account was compromised – an act a ransomware gang named “Yanluowang” has now claimed as its work.
The world’s largest networking vendor disclosed the months-old compromise after a list of files accessed during the incident appeared on the dark web.
A Cisco statement asserts the company “did not identify any impact to [its] business as a result of this incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations.””
Learn more about the Cisco data breach at The Register.
Fcc cancels $886 million in funding for spacex’s starlink
The U.S. Federal Communications Commission (FCC) has rejected Starlink’s application to receive $885.51 million in broadband funding, essentially canceling a grant awarded in a reverse auction back in 2020 by the FCC during then-Chairman Ajit Pai’s tenure.
According to PCMag:
“The FCC announcement signals the US regulator isn’t confident SpaceX can meet those goals when Starlink’s current advertised speeds reach between 50Mbps to 200Mbps. The other problem is the high cost of Starlink equipment. The service costs US consumers $110 per month for access, along with a $599 one-time fee for the Starlink dish itself.
For additional information on installation and configuration, see the main documentation page and the TightVNC FAQ.
If you would like to compile the source yourself, please read instructions in the
BUILDING.txt file included in the source archive.
TightVNC servers can be upgraded remotely. This means that you can perform the TightVNC
installation working in an active TightVNC session. While the TightVNC service is running,
it’s impossible to replace its executable files in place, so the installer will copy new
files into a temporary location, and these new files will replace older versions during the
next reboot. The installer will prompt for reboot if it was not able to replace the
Before using this feature, you should read and understand the following:
- Remote upgrade requires rebooting the computer. If you want to be able to access
your computer after the reboot, make sure you’re running WinVNC as a service,
not in the application mode.
- If you’re running WinVNC service from some another VNC distribution, this
installation procedure won’t replace it with the TightVNC service by default.
This is a limitation that may be solved in future versions. However, there is a way
to perform such an upgrade: install TightVNC into the same directory where old VNC
files (WinVNC.exe and VNCHooks.dll) are installed. In this case,
old binaries will be replaced by the new ones during the reboot, and there will be no
need to re-install the service. Please note that the installer should show you the
reboot prompt at the end of the installation, otherwise you probably selected wrong
- There is a number of things that can prevent the machine to reboot correctly, and
that can cause losing the control over the computer. In other words, there is NO
WARRANTY that the remote upgrade procedure is absolutely reliable. To minimize
possible risks, close all the running applications (besides the WinVNC service
itself) before launching the TightVNC installer.
Running a server (winvnc)
TightVNC Server can be started in one of the two ways:
Running a viewer
To view and control a remote desktop where a TightVNC Server is running, you need to run the
TightVNC Viewer. To run the viewer, choose Start->Programs->TightVNC->TightVNC
Viewer. You will see a window allowing to choose which server to connect to.
After entering the host name or its IP address (and optionally a display number), choose
“Connect”. On successful connection, you will be prompted for your password, and if
the entered password is correct, finally you should see the remote desktop.
Alternatively, you can start the viewer in the listening mode, by using the correspoding
button in the “New Connection” window. In that mode, the viewer’s icon will
appear in the system tray, and it will accept reverse connections from TightVNC servers (see
above the description of the WinVNC “Add New Client” menu item).
In the “New Connection” window, you can use built-in context help. To get help on
using a particular control, first click small question button in the window title bar, then
click on that control. Another way to obtain context help is to press F1 key while the
keyboard focus is in the corresponding control.
TightVNC can be uninstalled using the Add/Remove Programs utility under the Control
Panel, but it’s also ok to remove the directory you have installed it into
(typically, C:Program FilesTightVNC). Note that the TightVNC installation
program does not copy any files into the system directory. Before uninstalling TightVNC,
make sure WinVNC is not running and not installed as a service.
Using a web browser as a viewer
The VNC servers also contain a small Web server. If you connect to it with a web browser,
the Java version of the viewer will be downloaded automatically, allowing you to access
the remote desktop. Obviously, your Web browser must support Java applets. Also, you
should not use a proxy, to let the Java applet access the remote server directly.