Thunderbolt flaw allows a hacker to obtain access to a PC's data within minutes
By Ather Fawaz @AtherFawaz · May 11, 2020
By Ather Fawaz @AtherFawaz · May 11, 2020
[SHOWTOGROUPS=4,20]
Image via Olesksiy Maksymenko Photography
Last month, we saw a team of researchers uncover a security flaw baked into Microsoft Teams that Для просмотра ссылки Войдиили Зарегистрируйся to a user's data. Now, a security researcher, Для просмотра ссылки Войди или Зарегистрируйся dubbed 'Thunderspy' in the ubiquitous Intel Thunderbolt port. It allows a hacker with brief physical access to the device the ability to access the target's data.
Although Thunderspy requires physical access to the device itself, it is possible even if the device is locked, encrypted, or set to sleep. Для просмотра ссылки Войдиили Зарегистрируйся of Ruytenberg demonstrating the entire procedure in five minutes.
Для просмотра ссылки Войдиили Зарегистрируйся to the report by stating that operating systems in 2019, including Windows 10 1803 RS4 and later, Linux kernel 5.x and later, and MacOS 10.12.4 and later, have implemented Kernel Direct Memory Access (DMA) protection to mitigate and prevent these attacks.
или Зарегистрируйся, Kernal DMA has not been universally implemented and is in fact, incompatible with Thunderbolt peripherals made before 2019.
или Зарегистрируйся.
Ruytenberg and his team say that to fully prevent Thunderspy, one should disable their computer’s Thunderbolt ports from the BIOS. They should also turn off PCs when leaving them unattended, and enable hard drive encryption as well. For now, the researchers have developed an open-source tool for Linux and Windows that tells whether your PC is vulnerable to the attack.
For the tool and further details, you may Для просмотра ссылки Войдиили Зарегистрируйся
[/SHOWTOGROUPS]
Image via Olesksiy Maksymenko Photography
Last month, we saw a team of researchers uncover a security flaw baked into Microsoft Teams that Для просмотра ссылки Войди
Although Thunderspy requires physical access to the device itself, it is possible even if the device is locked, encrypted, or set to sleep. Для просмотра ссылки Войди
Для просмотра ссылки Войди
But Для просмотра ссылки Войди
The researchers also noted devices running macOS are only partially affected by Thunderspy. Perhaps this is yet another reason to add to the list of why Для просмотра ссылки Войди
Ruytenberg and his team say that to fully prevent Thunderspy, one should disable their computer’s Thunderbolt ports from the BIOS. They should also turn off PCs when leaving them unattended, and enable hard drive encryption as well. For now, the researchers have developed an open-source tool for Linux and Windows that tells whether your PC is vulnerable to the attack.
For the tool and further details, you may Для просмотра ссылки Войди
[/SHOWTOGROUPS]
