Phone : +91 9582 90 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » NetSpectre — New Remote Spectre Attack Steals Data Over the Network

NetSpectre — New Remote Spectre Attack Steals Data Over the Network

A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system.

Dubbed “NetSpectre,” the new remote side-channel attack, which is related to Spectre variant 1, abuses speculative execution to perform bounds-check bypass and can be used to defeat address-space layout randomization on the remote system.

If you’re unaware, the original Spectre Variant 1 flaw (CVE-2017-5753), which was reported earlier this year along with another Spectre and Meltdown flaws, leverages speculative stores to create speculative buffer overflows in the CPU store cache.

Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues and is discarded if not.

This issue could allow an attacker to write and execute malicious code that could potentially be exploited to extract data from previously-secured CPU memory, including passwords, cryptographic keys, and other sensitive information.

Instead of relying on covert cache channel, researchers demonstrated NetSpectre attack using the AVX-based covert channel that allowed them to capture data at a deficient speed of 60 bits per hour from the target system.

The netspectre attack could allow attackers to read arbitrary memory from the systems available on the network containing the required Spectre gadgets—a code that performs operations like reading through an array in a loop with bounds check on each iteration.

To do so, all a remote attacker needs to do is sending a series of crafted requests to the target machine and measures the response time to leak a secret value from the machine’s memory.

The team reported this vulnerability to Intel in March this year, and the NewSpectre attack was fixed by Intel during the initial set of patches for the speculative-execution design blunders.

So, if you have already updated your code and applications to mitigate previous Spectre exploits, you should not worry about the NetSpectre attack.

The details of the NewSpectre attack comes almost two weeks after Intel paid out a $100,000 bug bounty to a team of researchers for finding and reporting new processor vulnerabilities that were also related to Spectre variant one.

In May this year, security researchers from Microsoft and Google also reported a Spectre Variant 4 impacting modern CPUs in millions of computers, including those marketed by Apple.

No malware has so far been found exploiting any of the Spectre or Meltdown variants, or their sub-variants, in the wild.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket