
New Security Flaw Hits Intel, Laptops this time


F-Secure made a number of recommendations.

"The attack is nearly deceptively simple to enact, but it has incredible destructive potential". But the amount of time required to execute the attack is so short that even a notebook or desktop computer left unattended for a few minutes could be compromised in what is referred to by security researchers as an "evil maid" attack, or in this case, an evil barista, co-worker, fellow airline or train passenger, or anyone else with a few minutes of unhindered access to the computer.

Intel AMT is software created to provide maintenance and remote access monitoring services for corporate laptop users.

A hacker trying to gain access to a computer can enter the Intel Management Engine BIOS menu when the device is booted, using a password that is usually left at its default, and then configure remote access for themselves.

"This allows an attacker access to configure AMT and makes remote exploitation possible", said Sintonen. And once inside AMT (reached by hitting Ctrl-P during boot), the attacker can log in using "admin", input a new remote password, configure AMT to suppress notifications that the laptop has been connected to remotely (thereby preventing users from knowing what's happened), and also configure it to allow wireless remote management in addition to wired management. While you would normally need the BIOS password in order to perform any hijinks at this point, using Intel's Management Engine BIOS Extension (MEBx) can allow an attacker to log in with the simple "admin" login that is the default.

Even if your device is set up with proper security mechanisms, including a BIOS password and BitLocker, the vulnerability bypasses the BIOS security and grants the attacker access to the system.


From there, the attacker can change the default password, enable remote access and set the AMT's user opt-in to "none" enabling remote access to the device without knowledge or input from the user - so long as they can put themselves on the same network as the victim.

It isn't the first time this sort of vulnerability has come to light: another researcher has previously disclosed a similar attack, while CERT-BUND has previously warned of attacks which work much the same way but require USB access to the target device.

Although the initial attack requires physical access, the speed at which it can be carried out makes it easily exploitable, said Sintonen. "And since the computer connects to your company VPN (Virtual Private Network), the attacker can access company resources".

"Essentially, one attacker distracts the mark, while the other briefly gains access to his or her laptop".

F-Secure's Sintonen, however, wasn't the only security researcher to unearth the problem. If Meltdown and Spectre weren't enough trouble for users, this new vulnerability could be exploited by hackers to take control of unpatched systems.

Harry Sintonen, a senior security consultant at F-Secure, describes the AMT default password vulnerability. The system provisioning process needs to be updated to include setting a strong password for AMT, or disabling it completely if possible. This is what prompted some Linux computer vendors to start disabling this functionality, along with the whole Intel ME, on their consumer devices. However, many device manufacturers do not follow this advice. If the password is already set to an unknown value, consider the device suspect.
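The recommendations above can be turned into a fleet triage rule. The following is an added example, not code from F-Secure or Intel: the inventory fields, host names and sample records are hypothetical and would be filled in from an organisation's own provisioning records and device checks.

```python
from dataclasses import dataclass

@dataclass
class AmtRecord:
    # Hypothetical inventory fields (assumptions for this example), filled in
    # from the organisation's own provisioning records and device checks.
    host: str
    provisioned: bool     # AMT is configured on the device
    it_provisioned: bool  # that configuration was done by the organisation
    mebx_password: str    # "default", "org-set" or "unknown"
    user_opt_in: str      # "all", "kvm" or "none"
    wireless_mgmt: bool   # remote management allowed over Wi-Fi

def triage(rec):
    """Return (verdict, reasons); verdict is 'suspect', 'remediate' or 'ok'."""
    suspect, remediate = [], []
    if rec.mebx_password == "unknown":
        suspect.append("MEBx password is set to a value the organisation does not know")
    if rec.provisioned and not rec.it_provisioned:
        suspect.append("AMT was configured outside the provisioning process")
        if rec.user_opt_in == "none":
            suspect.append("user opt-in is 'none', so remote sessions need no consent")
        if rec.wireless_mgmt:
            suspect.append("wireless remote management is enabled")
    if rec.mebx_password == "default":
        remediate.append("default MEBx password: set a strong one or disable AMT")
    if suspect:
        return "suspect", suspect + remediate
    return ("remediate", remediate) if remediate else ("ok", [])

def audit(fleet):
    """Map each host to its verdict, for sorting or ticketing."""
    return {rec.host: triage(rec)[0] for rec in fleet}

# Constructed sample inventory, not real devices.
FLEET = [
    AmtRecord("lt-001", False, False, "default", "all", False),
    AmtRecord("lt-002", True, True, "org-set", "kvm", False),
    AmtRecord("lt-003", True, False, "unknown", "none", True),
]

if __name__ == "__main__":
    for rec in FLEET:
        verdict, reasons = triage(rec)
        print(rec.host, verdict, *reasons, sep="\n  ")
```

A "suspect" verdict corresponds to the article's advice to treat a device whose password is already set to an unknown value as suspect; "remediate" covers devices still carrying the default password.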

