Malware uses a feature of Intel processors to steal data and evade firewalls
Microsoft's security team has discovered new malware that uses the Serial-over-LAN (SOL) interface of Intel's Active Management Technology (AMT) as a file transfer tool.
Because of the way Intel AMT SOL works, SOL interface traffic bypasses the local computer's network stack, so locally installed firewalls or security products cannot detect or block the malware while it sends data out.
Intel AMT SOL exposes a hidden network interface
This appears to be possible because Intel AMT SOL is part of the Intel ME (Management Engine), a separate processor built into Intel's CPUs that runs its own operating system.
Intel ME runs even when the main processor is off, and while this feature may seem odd, Intel incorporated it to provide remote management capabilities to companies managing large networks of hundreds of computers.
The good news is that the Intel AMT SOL interface is disabled by default on all Intel CPUs, so the PC owner or local system administrator has to enable this feature manually. Even so, Microsoft has discovered malware created by a cyber-espionage group that takes advantage of the interface to steal data from infected computers.
Microsoft did not reveal whether the hackers, who belong to a group known as PLATINUM, have found a secret way to enable this feature on infected computers, or if they simply found it active and decided to use it.
Given these facts, Microsoft said that it was able to identify the malware's operation and released an update for Windows Defender ATP in order to detect it before it gains access to the AMT SOL interface.