Skip to main content

Firmware Flaw Affecting All Modern Laptops Allows Encryption Key Theft

Image
By Priyal Dalal

The Meltdown and Spectrevulnerabilities rocked the entire PC industry, and despite several patches to mitigate the risks, new variants of the flaws continue to surface. And it seems there is no respite for security professionals.


Finnish cybersecurity company, F-Secure, has discovered a new firmware flaw which affects all modern laptops and can be exploited to steal encryption keys and sensitive data.

The vulnerability allows a malicious party to perform a cold boot attack on a device which they can physically access, and all it takes is just 5 minutes to get past the security layers of a Windows or macOS-powered laptop and steal sensitive information.


“It takes some extra steps compared to the classic cold boot attack, but it’s effective against all the modern laptops we’ve tested”, said F-Secure Principal Security Consultant, Olle Segerdahl. Modern laptops come with a safety mechanism to thwart cold boot attacks, but F-Secure’s team discovered a flaw in that mechanism which allows hackers to disable the security firewall and successfully execute a cold boot attack.

“Because this attack works against the kind of laptops used by companies there’s no reliable way for organizations to know their data is safe if a computer goes missing. And since 99 percent of company laptops will contain things like access credentials for corporate networks, it gives attackers a consistent, reliable way to compromise corporate targets”, Segerdahl explained.

But the most worrisome aspect of the new discovery is that the vulnerability cannot be fixed easily, and as per F-Secure, companies should brace themselves for such attacks. The only way theft of sensitive data can be prevented is by configuring all laptops to automatically shut down or go into hibernation mode whenever a device boots or restores.

Moreover, log-in credentials for accessing a network should immediately be changed as soon as a device is reported missing, because once a malicious party has got physical access to a computer, they have ample amount of time to exploit the firmware flaw and perform a cold boot attack to steal information. F-Secure has already shared details of the new vulnerability with Intel, Microsoft, and Apple to alert them about the threat.

Comments

Post a Comment

Contact Form

Name

Email *

Message *

Popular posts from this blog

Microsoft SQL Server 2019 Serial Key For All Edition

By Priyal Dalal
  Microsoft SQL Server 2019 Enterprise Edition HMWJ3-KY3J2-NMVD7-KG4JR-X2G8G Microsoft SQL Server 2019 Enterprise Core Edition 2C9JR-K3RNG-QD4M4-JQ2HR-8468J Microsoft SQL Server 2019 Standard Edition PMBDC-FXVM3-T777P-N4FY8-PKFF4 SQL Server2019 key   SQL Server 2019 Enterprise:HMWJ3-KY3J2-NMVD7-KG4JR-X2G8G Strandard:PMBDC-FXVM3-T777P-N4FY8-PKFF4 SQL Server 2017 Enterprise:TDKQD-PKV44-PJT4N-TCJG2-3YJ6B Enterprise Core:6GPYM-VHN83-PHDM2-Q9T2R-KBV83 Strandard:PHDV4-3VJWD-N7JVP-FGPKY-XBV89 Web:WV79P-7K6YG-T7QFN-M3WHF-37BXC SQL Server 2016 Enterprise:MDCJV-3YX8N-WG89M-KV443-G8249 Enterprise Core:TBR8B-BXC4Y-298NV-PYTBY-G3BCP Standard:B9GQY-GBG4J-282NY-QRG4X-KQBCR Web:BXJTY-X3GNH-WHTHG-8V3XK-T8243 SQL Server 2014 Business Intelligence:GJPF4-7PTW4-BB9JH-BVP6M-WFTMJ Developer:82YJF-9RP6B-YQV9M-VXQFR-YJBGX Enterprise:27HMJ-GH7P9-X2TTB-WPHQC-RG79R Enterprise Core:TJYBJ-8YGH6-QK2JJ-M9DFB-D7M9D Strandard:P7FRV-Y6X6Y-Y8C6Q-TB4QR-DMTTK Web:J9MBB-R8PMP-R8WTW-8JJRD-C6GGW
Post a Comment
Read more

VS CODE PRODUCT KEY

By Priyal Dalal
Visul Studio 2013 Ultimate Key BWG7X-J98B3-W34RT-33B3R-JVYW9 https://www.microsoft.com/en-us/download/details.aspx?id=55992 https://go.microsoft.com/fwlink/?linkid=841310 https://www.microsoft.com/en-us/download/details.aspx?id=35747 https://downloads.i-theses.com/?task=downloads&groupid=9&id=110 Product Year Version Product Keys Visual Studio 2022 2022 Enterprise: VHF9H-NXBBB-638P6-6JHCY-88JWH Professional: TD244-P4NB7-YQ6XK-Y8MMM-YWV2J Visual Studio 2020 2020 HG8FD-DR6F8-T7G9Y-H80UI-9NUB8 YV7T8-R6C8R-C6VT9-7GBHY-80NUJ T6RX5-EZXCR-6VT7B-Y80NU-HBGVF CDX5X-7E5CR-86VT7-9BY9V-7TC8R Visual Studio 2019 2019 16.x Professional: NYWVH-HT4XC-R2WYW-9Y3CM-X4V3Y Enterprise: BF8Y8-GN2QH-T84XB-QVY3B-RC4DF Visual Studio 2017 2017 15.x Test Professional: VG622-NKFP4-GTWPH-XB2JJ-JFHVF Professional: KBJFW-NXHK6-W4WJM-CRMQB-G3CDH 4F3PR-NFKDB-8HFP7-9WXGY-K77T7 Enterprise: NJVYC-BMHX2-G77MM-4XJMR-6Q8QF N2VYX-9VR2K-T733M-MWD9X-KQCDF Visual Studio 2015 2015 14.x Profession
Post a Comment
Read more
By Priyal Dalal
   (MI) – PRACTICAL LIST 1 Write an 8085 assembly language program for exchanging two 8-bit numbers stored in memory locations 2050h and 2051h. 2 Write an 8085 assembly language program to add two 8-bit numbers stored in memory locations 2050h and 2051h. Store result in location 2052h 3 Write an 8085 assembly language program to subtract two 8-bit numbers stored in memory location 2050h from 2051h.Store result in location 2052h. 4 Write an 8085 assembly language program to add two 16-bit numbers stored in memory. 5 Write an 8085 assembly language program to add two decimal numbers using DAA instruction. 6 Write an 8085 assembly language program to find the minimum from two 8-bit numbers. 7 Write an 8085 assembly language program to get the minimum from block of N 8-bit numbers. 8 Write an 8085 assembly language program to add block of 8-bit numbers. 9 Write an 8085 assembly language program to copy block of five numbers starting from memory location 2001h to location starting from 3001
Post a Comment
Read more