Tech

New Security Flaw Hits Intel, Laptops this time

New Security Flaw Hits Intel, Laptops this time

F-Secure made a number of recommendations.

"The attack is nearly deceptively simple to enact, but it has incredible destructive potential". But the amount of time required to execute the attack is so short that even a notebook or desktop computer left unattended for a few minutes could be compromised in what is referred to by security researchers as an "evil maid" attack-or in this case, an evil barista, co-worker, fellow airline or train passenger, or anyone else with a few minutes of unhindered access to the computer.

Intel AMT is software created to provide maintenance and remote access monitoring services for corporate laptop users.

A hacker trying to gain access to a computer can enter the Intel Management Engine BIOS menu when the device is booted, using a password that is usually set by default, and then configure for itself remote access.

"This allows an attacker access to configure AMT and makes remote exploitation possible", said Sintonen. And once inside AMT (reached by hitting Ctrl-P during boot), the attacker can log in using "admin", input a new remote password, configure AMT to suppress notifications that the laptop has been connected to remotely (thereby preventing users from knowing what's happened), and also configure it to allow wireless remote management in addition to wired management. While you would normally need the BIOS password in order to perform any hijinks at this point, using Intel's Managment Engine BIOS Extension (MEBx) can allow an attacker to login in with a simple "admin" login that is the default.

Even if your device is setup with proper security mechanism including a password in BIOS and BitLocker, the vulnerability bypasses the BIOS security and grants the attacker access to the system.

More news: Royal Dutch Shell (LON:RDSA) Given "Buy" Rating at Jefferies Group

From there, the attacker can change the default password, enable remote access and set the AMT's user opt-in to "none" enabling remote access to the device without knowledge or input from the user - so long as they can put themselves on the same network as the victim.

It isn't the first time this sort vulnerability has come to light - another researcher has previously disclosed a similar attack, while CERT-BUND have previously alerted attacks which work much the same way but require USB access to the target device.

Although the initial attack requires physical access, the speed at which it can be carried out makes it easily exploitable, said Sintonen. "And since the computer connects to your company VPN (Virtual Private Network), the attacker can access company resources".

"Essentially, one attacker distracts the mark, while the other briefly gains access to his or her laptop".

F-Secure's Sintonen, however, wasn't the only security researcher to unearth the problem. If the Meltdown and Spectre weren't enough trouble for users, this new vulnerability could be exploited by hackers to take control of unpatched systems.

Harry Sintonen, a senior security consultant at F-Secure, describes the AMT default password vulnerability. The system provisioning process needs to be updated to include setting a strong password for AMT, or disabling it completely if possible. This is what prompted some Linux computer vendors to start disabling this functionality, along with the whole Intel ME, on their consumer devices. However, many device manufacturers do not follow this advice. If the password is already set to an unknown value, consider the device suspect.


  • Ice cream recalled over listeria fears

    Ice cream recalled over listeria fears

    On Tuesday, the company expanded the recall to include all products made at its Dunkirk, New York, plant in 2017. Consumers who have purchased these products are urged to return them to the place of purchase for a full refund.
    Meghan Markle's Family Drama Escalates Just in Time for the Royal Wedding

    Meghan Markle's Family Drama Escalates Just in Time for the Royal Wedding

    In an interview with Glamour in 2016, Markle hadn't met Harry yet, but she had wedding dresses on the brain. When you're becoming a royal , a full skirt feels apropos, if not a requirement.

    Costco Wholesale Corporation (COST) — Traders Focused Stock

    Nine equities research analysts have rated the stock with a hold rating and twenty-one have given a buy rating to the company. BMO Capital Markets downgraded Costco Wholesale Corporation (NASDAQ: COST ) on Monday, July 10 to "Market Perform" rating.
  • Oprah would beat Trump

    The person emphasised that Winfrey has not made up her mind about running. "At the same time, politics is ridiculous right now". However, her longtime partner Stedman Graham said " she would absolutely do it ", according to The Los Angeles Times .
    James Franco 'letting it be'

    James Franco 'letting it be'

    Some who talked to the LA Times claimed these parts were usually inappropriate and the work was not as prolific as promised. He didn't respond by email, but Paley said they later spoke on the phone. "The power dynamic was way off", she recalled.
    Trump Orders Plan for Mental Health Care for US Veterans

    Trump Orders Plan for Mental Health Care for US Veterans

    Bush White House put out his exam results, which found he was in the top 2 percent for cardiovascular fitness for men of his age. Ronny Jackson , M.D., who also treated former president Obama , will administer the physical.
  • Trump lawyer sues BuzzFeed for publishing Russia dossier

    Trump lawyer sues BuzzFeed for publishing Russia dossier

    When it published the dossier, Buzzfeed noted it contained allegations that were unverified and had some "clear errors". The statement added Cohen will seek "maximum damages" against the defendants.

    Vodafone Group (VOD) Shares Down 0%

    Fair Isaac Corporation (FICO ) stock price surged with Upswing change of 2.91% when it was compared to 20-day moving average. The analysts, on average, are forecasting a $34.14 price target, but the stock is already up 30.19% from its recent lows.
    Quarterback position at MSU, Alabama will be worth watching — Smith on Sports

    Quarterback position at MSU, Alabama will be worth watching — Smith on Sports

    The Alabama offensive coordinator Brian Daboll has a certain way of looking at the throwing accuracy of quarterbacks. So, Alabama win and I go into these litanies of facts. "In overtime we didn't finish when we had to and Alabama did.
  • Qatar, UAE clash over airspace violation

    Qatar, UAE clash over airspace violation

    The State of Qatar has officially filed a complaint at the UN Security Council after an UAE fighter jet violating its airspace a year ago , Al Jazeera reported.
    Netflix, Inc. (NFLX) Shares Bought by BKS Advisors LLC

    Netflix, Inc. (NFLX) Shares Bought by BKS Advisors LLC

    Ctc Llc decreased its stake in Netflix Inc (NFLX ) by 50.55% based on its latest 2017Q3 regulatory filing with the SEC. Aspiriant Llc increased Ishares Tr (USMV) stake by 183,556 shares to 239,414 valued at $12.05 million in 2017Q3.

    Featured Stock for Investors: Teva Pharmaceutical Industries Limited (NYSE:TEVA)

    The market capitalization (Stock Price Multiply by Total Number of Outstanding Shares) for the company is reported at $20.22B. It improved, as 60 investors sold APA shares while 202 reduced holdings. 128 funds opened positions while 644 raised stakes.