Category: security

WINDOWS 10 19H1 SPECTRE CPU FIXES

Retpoline as a mitigation strategy swaps indirect branches for returns, to avoid using predictions which come from the BTB, as they can be poisoned by an attacker. The problem with Skylake+ is that an RSB underflow falls back to using a BTB prediction, which allows the attacker to take control of speculation. The RSB is …

FLIGHT SIM LABS

Somebody sent us a note earlier about this company using some rather suspicious tools. Evidently the company is bundling a Chrome password dump tool with their software for Flight Simulator etc. There is a file called test.exe which has been found to dump the passwords from Google Chrome. Evidently they were using this to …

INFINEON TPM SECURITY ADVISORY

It has come to our attention that certain laptops with an Infineon TPM chip . This advisory addresses CVE-2017-15361, also referred to as “Return of Coppersmith’s Attack” (ROCA). What happened is that the TPM chip generated weak cryptographic keys. The standard for keys is comparatively strict. Microsoft Advisory 170012 indicated that the …

LAPTOP FRU WHITELISTS

Many laptops, unknown to the user, use a whitelist for the installed hardware. We have seen whitelists for Wi-Fi cards, batteries and even cellular cards. Acer, Asus, MSI and Samsung are not known to use any whitelists; hardware can be modified as desired. KNOWN WHITELIST USERS: Lenovo, Toshiba, Dell, HP/Compaq. Whitelist users hide behind nonsense …
