Welcome back to this week's Security bulletin!
All Intel processors released in the past 5 years contain an unpatched vulnerability that allows hackers to compromise hardware-enabled security technology, which is designed to protect users' sensitive data even when a system is compromised. Intel IT plays an essential role in providing services and solutions in the digital environment.
The vulnerability is tracked as CVE-2019-0090. It resides in the hardcoded firmware running in the read-only memory (ROM) of Intel's CSME (Converged Security and Management Engine), so it cannot be patched without replacing the silicon. To improve the performance of Intel CSME, security reviews must continue in order to increase the stability of the firmware. CSME is responsible for the initial authentication of Intel-based systems by loading and checking the firmware components, and it is the root of trust for secure boot and for the cryptographic authentication of the BIOS, Microsoft System Guard, BitLocker and other security features. Intel patched this issue earlier, and this kind of insufficient access control vulnerability is not new for the company.
The flaw allows privilege escalation and arbitrary code execution in Intel CSME firmware modules, but its extent remained undervalued. The following Intel products are affected by the firmware vulnerability:
* 6th, 7th, and 8th generation Intel® Core™ Processor Family
* Intel® Xeon® Processor E3-1200 v5 and v6 Product Family
* Intel® Xeon® W processor Family
Most of the security services are built on a suite of cryptographic keys that are used to maintain a high level of confidentiality. The CVE-2019-0090 vulnerability concerns a root cryptographic key, a sort of master password, that could help unlock and compromise the chain of trust for the security technologies. We can prevent the issues by applying all firmware updates.
The vulnerable Intel CSME versions are 11.x and 12.0.35, the vulnerable Intel TXE versions are 3.x and 4.x, and the vulnerable Intel Server Platform Services versions are 3.x, 4.x, and SPS_E3_05.00.04.027.0.
We have to accept that no security system is perfect. Despite its security measures and architecture, Intel had a problem with the boot ROM. The vulnerability in the first stage of the ROM enables control over reading the chipset key and over the generation of all other encryption keys. Moreover, an attacker can use the ROM flaw to physically get into the system before it boots, and the flaw cannot be patched with a software update.
The problem is that firmware errors hard-coded in the mask ROM of microprocessors and chipsets cannot be fixed. The primary issue is that this vulnerability allows a compromise at the hardware level, which in turn destroys the entire chain of trust on the platform. Note that the latest Intel 10th-generation processors, Ice Point chipsets and SoCs, are not vulnerable to this problem.
On a good day, it's hard being a founder. Given today's Internet features and technologies, it is very challenging for us to socialize and live remote lives.
Our environment can be called healthy while its natural cycles run without facing any obstacles. Since the era of early human life, technological advances have significantly impacted our environment through human-made disasters. Now we are going through a critical situation with the coronavirus (COVID-19).
Researchers noticed a massive increase in domain registrations in the past three weeks alone (since February 2020). The average number of new domains is 10 times higher than the average found in previous weeks.
With the world caught up in the coronavirus pandemic, the situation has proven to be a blessing for threat actors, who exploit the opportunity to target victims with scams or malware campaigns.
Cybercriminals use dramatic events that make people emotional or fearful to increase their profits, and they like to exploit people when they are in the most vulnerable position.
Of these domains, 0.8 percent (93 websites) were malicious, and over 2,200 others were suspicious. In mid-February, when the virus hit Italy, Spain, and Germany, Internet speeds in those countries also began to drop.
Cybersecurity researchers state that hackers promote their goods for cyber attacks, such as malware or exploits, by offering special sales with "COVID 19" or "coronaviruses" as discount codes.
Utility growth from COVID-19 is unprecedented across the industry, which is setting new usage records almost every day. COVID-19 has taken a lot from us, but it also gives us something special: an opportunity to come together as humanity to learn and grow together.