Spectre attack

Pierluigi Paganini September 13, 2021
New Spook.Js attack allows to bypass Google Chrome Site Isolation protections

Spook.js is a new side-channel attack on modern processors that can allow bypassing Site Isolation protections implemented in Google Chrome. Boffins devised a transient side-channel attack on modern processors, “Spook.js,” that can be abused by threat actors to bypass Site Isolation protections implemented in Google Chrome and Chromium browsers. The technique allows in some cases to steal sensitive […]

Pierluigi Paganini January 20, 2018
Red Hat reverts Spectre (CVE-2017-5715) security updates due to boot issues reported by customers

Red Hat is going to release updates that are reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715). Just after the release of Spectre and Meltdown patches many experts argued a significative impact on performance and stability of systems running them. While Meltdown and Spectre Variant 1 could be theoretically being addressed by […]

Pierluigi Paganini January 06, 2018
Cisco is going to release security patches for Meltdown and Spectre attacks

Cisco is going to release security patches for Meltdown and Spectre attacks, the company is currently investigating its entire products portfolio. Cisco published a security advisory on the CPU Side-Channel information disclosure vulnerabilities that are exploited in the Spectre and Meltdown attacks and announced it is going to release security updates to protect its customers. Switchzilla announced it […]