Tuesday, 16 January, 2018

Intel to head into more trouble as researcher finds new loopholes

Attendees examine a display at the Intel booth during CES 2018 at the Las Vegas Convention Center on 9 January 2018 in Las Vegas Nevada. AFP Intel AMT Security Issue Lets Attackers Bypass BIOS and BitLocker Passwords
Russell Knight | 13 January, 2018, 22:45

Active Management Technology is technology that is used for remote access purposes and with this threat, hackers can get access to corporate laptops in a matter of minutes.

Although AMT vulnerabilities are not new, the researchers say this issue is particularly severe because it affects most Intel laptops, could enable an attacker to gain remote access for later exploitation, and is particularly easy to exploit.

The AMT attack requires physical access to the machine, but the speed at which it can be carried out makes it easily exploitable if the laptop is left unattended. It warned that "millions" of laptops may now be vulnerable to exploitation.

Intel AMT gives users remote monitoring and maintenance of laptops.

F-Secure has notified all relevant OEMs and Intel about the issue.

For more details, see F-Secure's FAQ on the flaw.

To mitigate this issue, organizations can adjust their settings and use a strong AMT password or disable it altogether.

Sintonen recommends that companies configure an AMT password so attackers wouldn't be able to boot via MEBx and compromise the system.

F-Secure has notified Intel, all relevant device manufacturers and the CERT-Coordination Center in the USA about the security issue.

How does the attack work?

In a usual scenario, the BIOS password prevents unauthorized users from accessing the low-level components of a device.

Man Utd's Mourinho has "contempt" for Chelsea's Conte
Nothing riles Jose Mourinho more these days than current comparisons between himself and his soaring City rival Pep Guardiola. We use cookies to give you the best experience on our website and bring you more relevant advertising.

Rollable OLED, Micro LED Wall Are CES Display Tech Standouts
Called "The Wall", the 146-inch 4K TV uses Samsung's Cinema Screen technology, which is designed for movie theatres. Samsung Electronics on Monday introduced "The Wall", the world's first modular microLED television.

Dark Souls remaster coming to PC, XO, PS4, and Switch
Those who play the game on PlayStation 4 Pro, Xbox One X or PC will be able to take advantage of 4K resolution with 60fps. Why all the resolution talk? Dark Souls originally launched in 2011 and became somewhat of a sensation upon release.

At this point a hacker would be able to gain remote access to the system as long as they're able to insert themselves onto the same network segment as the victim. Alternately, disable AMT on the device. IT should also go through all now deployed machines, and organize the same procedure for them. While inspection, if a PC's AMT password is found to be already set to an unknown value, it should be treated with suspicion and appropriate steps should be taken.

Although solid operations security is the first step (don't ever leave your laptop unwatched in an insecure location!), there are some basic safeguards all IT departments should implement. It is unrelated to the recently disclosed Spectre and Meltdown vulnerabilities.

"We reached out to Intel last summer".

"We discovered the issue this summer, and since discovering it, we have found it in thousands of laptops", F-Secure told El Reg.

Intel has now made those fixes, she says.

Intel recommends that vendors require the BIOS password to provision Intel AMT.

However, as this feature comes enabled by default even on consumer devices, it has anxious privacy activists that it can be used as a backdoor or to allow attackers remote access to victims' machines. Even if you think the chance of system penetration via inappropriate local access is minimal, the solution to this problem is to not allow access to the AMT until the proper BIOS password is entered.

Sintonen stumbled upon the issue in July 2017, and notes that researcher Parth Shukla also mentioned it in a more recent talk. Shukla couldn't be immediately reached for comment on F-Secure's research and Intel's mitigation advice. A similar vulnerability has also been previously pointed out by CERT-Bund but with regards to USB provisioning, Sintonen said.

"Intel has provided recommendations to system manufacturers in September 2015 to protect the Intel MEBx with the system BIOS password", it says.

These are not the first AMT security problems to have been discovered. This is probably due to the level of access Intel AMT possesses.

AMT is no stranger to security weaknesses, with many other researchers finding multiple flaws within the system, but Sintonen's discovery surprised even him. It said the flaws were present in many PCs, servers and internet of things platforms with Intel CPUs, including all generations of Intel Core Processors, as well as some Xeon, Atom, Pentium and Celeron CPUs, amongst others.

Recommended

  • Closures, Celebrations Planned for MLK Day

    Closures, Celebrations Planned for MLK Day

    The inaugural event encourages people from all walks of life to work together to find solutions to pressing problems of the day. Brown said the event is pertinent in order for GS to have a presence in the community, and to celebrate the legacy of Dr.
    CES show in Las Vegas draws big names from Silicon Valley

    CES show in Las Vegas draws big names from Silicon Valley

    Attendees attempt to enter Central Hall through exit doors at CES in Las Vegas on Wednesday, Jan. 10th, 2018. Young woman plays violin to entertain attendees at the Intel booth during #CES2018 blackout.
    US issues ultimatum to 'fix' Iran nuclear deal

    US issues ultimatum to 'fix' Iran nuclear deal

    Trump has argued behind the scenes that the nuclear deal makes the United States look weak, a senior USA official said. Mr Trump has repeatedly criticised the accord, while Iran has accused the United States of failing to comply with it.
  • AMP Capital Investors Ltd Increases Stake in Amazon.com, Inc

    With 80,200 avg volume, 12 days are for Zai Lab Limited Ads (NASDAQ:ZLAB)'s short sellers to cover ZLAB's short positions. LeJeune Puetz Investment Counsel LLC acquired a new stake in shares of Amazon.com in the 2nd quarter valued at $116,000.
    Five keys to a Patriots victory over the Titans

    Five keys to a Patriots victory over the Titans

    Even at the age of 40, Brady is the best in the league and his focus, hunger and desire for success doesn't seem to fade away. I talked to current Titans radio analyst Dave McGinnis this week about the game. "I'm just trying to play better every week".
    Battle Royale Mode to be Update with More Points of Interest

    Battle Royale Mode to be Update with More Points of Interest

    This is in addition to unspecified quality-of-life improvements that are described as a "work-in-progress". Epic didn't detail what these are, but they will be listed in the patch notes once the update goes live.
  • Baxter International (NYSE:BAX) Stock Rating Upgraded by JPMorgan Chase & Co

    Balentine LLC now owns 3,176 shares of the company's stock worth $144,000 after buying an additional 356 shares during the period. M&R accumulated 15,427 shares or 0.23% of the stock. 494,250 were accumulated by Connor Clark Lunn Invest Management.
    Pablo Fornals Scores Late as Villarreal Beats Real Madrid 1-0

    Pablo Fornals Scores Late as Villarreal Beats Real Madrid 1-0

    The host had most of the chances under steady rain, but Villarreal also threatened a few times before Fornals found the net. Modric fired high of the Villarreal crossbar in the 80th minute as another good chance came and went for the home side.
    Gamer, 28, kills mom after blaming her for broken headset, police say

    Gamer, 28, kills mom after blaming her for broken headset, police say

    Lydia Nicholson's daughter, Autumn White, told KCRA 3 News her mother had a big heart and always invited people into her home. The 28-year-old started yelling while he was playing video games in his bedroom on Wednesday night, police said.
  • Comcast Corporation (NASDAQ:CMCSA) Shares Sold by ZWJ Investment Counsel Inc

    Addenda Capital Inc decreased Danaher Corp Del (NYSE:DHR) stake by 13,822 shares to 50,365 valued at $4.33M in 2017Q3. Telsey Advisory Group maintained Comcast Corporation (NASDAQ:CMCSA) on Tuesday, January 24 with "Outperform" rating.

    Has $13.02 Million Holdings in Interpublic Group of Companies Inc (NYSE:IPG)

    Argentiere Cap Ag invested in 171,240 shares or 0.51% of the stock. 350 were accumulated by Washington State Bank. (NASDAQ:PEGI). Wall Street is only getting more bullish on the stock, with 9 of analysts who cover IPG having a buy-equivalent rating.
    Cam Newton injured his knee in playoff loss to Saints

    Cam Newton injured his knee in playoff loss to Saints

    Losing to the Saints was a rough way to end the season for the Panthers and their franchise quarterback, Cam Newton . The 2015 NFL MVP slowly got to his feet after a hard hit to the head from Saints defensive tackle David Onyemata .

Progress Software (PRGS) Sees Unusually-High Trading Volume on Strong Earnings Progress Software Corporation (NASDAQ:PRGS)'s market cap, the total dollar value of all of their outstanding shares, is 2400.17m. Amalgamated Bank acquired a new stake in Progress Software during the second quarter valued at approximately $206,000.

Moscow: Trump would make 'big mistake' by leaving Iran deal Moscow: Trump would make 'big mistake' by leaving Iran deal Had Trump made a decision to re-impose sanctions on Iran, it would have been a violation of the nuclear deal. Trump signed a waiver keeping the USA sanctions that would scuttle the deal suspended for another 120 days.

United States embassy in London disagrees with Trump's reason for cancelling UK trip United States  embassy in London disagrees with Trump's reason for cancelling UK trip Foreign Secretary Boris Johnson , a frequent defender of Trump, accused Khan and others of endangering the "crucial relationship". But Foreign Secretary Boris Johnson blamed Khan and Labour Party leader Jeremy Corbyn for discouraging the US leader from coming.

President Winfrey? No way, says Trump: 'I'll beat Oprah' President Winfrey? No way, says Trump: 'I'll beat Oprah' In fact, her fellow billionaire Donald Trump told Larry King in 1999 that Winfrey would be his first choice for vice president. Supermodel Heidi Klum did wear black, but expressed that she would have also chosen red.

United Services Automobile Association Has $6356000 Stake in ConAgra Foods Inc. (CAG) This company shares are 11.55% off its target price of $41.71 and the current market capitalization stands at $15.23B. (NYSE:CAG). The company reported $0.55 earnings per share (EPS) for the quarter, beating the Zacks' consensus estimate of $0.52 by $0.03.

Terrifying false alarm interrupts NBC Premier League broadcast in Hawaii People in Hawaii panicked when they got an emergency alert on their phones warning of an incoming ballistic missile threat . This video captures the moment the alert broke through regular television programming and urged listeners to seek shelter.

Were Analysts Bullish The Goldman Sachs Group, Inc. (NYSE:GS) This Week? Were Analysts Bullish The Goldman Sachs Group, Inc. (NYSE:GS) This Week? Analysts anticipate that Goldman Sachs Group, Inc. will post $19.13 earnings per share for the current year. ( NYSE :GS). The investment management company reported $5.02 EPS for the quarter, beating the consensus estimate of $4.17 by $0.85.

Keep off state's education system, J&K Minister tells army Keep off state's education system, J&K Minister tells army India shares a 3,323-km border with Pakistan, of which 221 km of the IB and 740 km of the LoC fall in Jammu and Kashmir . They do their job well, all problem will be solved", Bukhari added.

Delta Air Lines, Inc. (DAL) Director Francis S. Blake Acquires 3350 Shares Delta Air Lines, Inc. (DAL) Director Francis S. Blake Acquires 3350 Shares Bernstein set a $67.00 price target on Delta Air Lines and gave the company a "buy" rating in a research note on Wednesday. Cortland Advisers Llc bought 1.05M shares as the company's stock declined 10.19% while stock markets rallied. (NYSE:DAL).

Antonio Brown is questionable Antonio Brown is questionable Brown set an National Football League record with 100-plus receptions in five consecutive seasons, including 101 this season. Brown suffered the calf injury early in the December 17 loss to New England and missed the two subsequent games.

VAR to be used for Chelsea-Norwich, Leicester-Fleetwood FA Cup ties VAR to be used for Chelsea-Norwich, Leicester-Fleetwood FA Cup ties If the referee has made a wrong decision and VAR can quickly correct that and get the right outcome then the game will benefit". This was after the technology was used in his side's League Cup tension-soaked semi-final against Chelsea on Wednesday.

YouTube Execs on Logan Paul Scandal: "Actions Should Speak Louder Than Words" YouTube Execs on Logan Paul Scandal: There was an immediately backlash of public outrage, and though the video was quickly taken down, the damage was done. When pressed about whether this was just a cooling off period, Kyncl dodged the topic of future projects with Paul.

Life Time ditches cable news in gyms for "family-oriented environment" Life Time ditches cable news in gyms for Life Time , founded in 1992 by Bahram Akradi, touts a "healthy and happy life for its members", according to its website. Life Time Fitness gyms across the country are giving customers one less thing to sweat about during their workouts.

Jose Mourinho Won't Rule Out Move for Alexis Sanchez Jose Mourinho Won't Rule Out Move for Alexis Sanchez When we just thought that it is a question of "when" rather than "will" Alexis Sanchez join Manchester City , Manchester United had to interfere.

Vuzix Making Alexa-Enabled Smart Glasses, to Debut at CES 2018 Vuzix Making Alexa-Enabled Smart Glasses, to Debut at CES 2018 A new initiative announced in the framework of the exhibition electronics CES 2018, taking place in Las Vegas (NV, USA). Founded in 1997, Vuzix is a public company (NASDAQ: VUZI) with offices in Rochester, NY, Oxford, UK and Tokyo, Japan.