It's Black Hat and DEFCON week and it wouldn't be a show without the disclosure of a few big bugs. The winner so far seems to be a new exploit found in Intel's SGX memory encryption technology. Per pre-briefing ahead of a talk happening today, security researchers found a flaw in the Advanced Programmable Interrupt Controller (APIC) that allows them to read uninitialized memory that could contain stale data before it's cleared by the CPU. Unlike Spectre and Meltdown, this isn't a side channel attack. It's a flaw in the CPU architecture. This means that attackers can recover data very quickly. Tests showed a 128-bit AES encryption key could be recovered in less than 2 seconds with 94% accuracy and a 1024-bit RSA key could be nabbed in about a minute and a half with 74% accuracy. Intel is saying the exploit is on their 10th, 11th, and 12th gen processors which includes Ice Lake but no mention of Sapphire Rapids. This and more on this week's episode of the Rundown. Head to GestaltIT.com for show notes.  

Time Stamps:
00:00 - Welcome to the Rundown!
00:49 - MinIO Miffed at Nutanix
03:38 - Netskope Acquires Infiot
7:18 - Nvidia Misses on Inventory Markdown
9:36 - Todd Nightingale Departs Meraki for Fastly
14:56 - Intel has an AEpic Security Problem
26:07 - The Weeks Ahead
27:07 - Thanks for Watching The Rundown

Follow our hosts on Social Media
Tom Hollingsworth: https://www.twitter.com/NetworkingNerd
Stephen Foskett: https://www.twitter.com/SFoskett
Max Mortillaro: https://www.twitter.com/MaxMortillaro  

Follow Gestalt IT Website: https://www.GestaltIT.com/
Twitter: https://www.twitter.com/GestaltIT
LinkedIn: https://www.linkedin.com/company/gestalt-it/

Ver todos los episodios