Social Network For Security Executives: Network, Learn & Collaborate
From a recent webinar, I gathered the very notably important parts into organized sub-parts. This is the first part wherein the major hardware threats and my insights on them are described. Below is the exact portion of the webinar discussing the hardware threats.
Part 1: Major Hardware Attacks
(Read more: Under the hood of Top 4 BYOD Security Technologies: Pros & Cons)
Major Types of Harware Attacks:
1.VMX - Virtual machine Extensions(Instructions on processors with x86 virtualization)
Virtualizations offer 2 levels-
(a.) higher performance & more cost effective eg.Intel
(b.) greater isolation & higher costs eg.IBM
Most of us will use 'a.' vs 'b.' not knowing the underlying threats for the reduced isolation.
2.Bluepill -
A rootkit designed for x86 virtualization. It creates a thin hypervisor/VMM and running the remaining machine virtually. It's almost undetectable, however there was a controversy on this. Hardware assisted virtualization can help malicious software, thus hardware architecture is prime here.
3.Extreme Privilege Escalation
This was demonstrated with modern windows8. Exploitation of platform firmware UEFI using new API (windows 8). Privilege escalation from ring3 to ring0, most privileged level-almost directly communicates with the hardware resources.
4.Stepping p3wns
This attack used resource(printer here) firmware update, that by passes the anti virus at the computer as it's not windows malicious. However when the task is received at printer side, the firmware gets updated to the malicious one. This exploitation enables infecting IP phones etc. which can be a huge concern in 'BYOD' times.
5.Shadow walker(TLB Splitting)
Misuse x86 hardware to hide malware from OS and anti-virus. Infact, even code modifications could not be detected by anti-virus. The flaw-difference between reading the memory and executing it.
(Read more: Hardware Trojans: Sneak Peek into the Future)
For the full-webinar and presentation slide click here
What do you think are the major hardware threats a CISO has to face in practice? Please share in comments below
Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies 0 Likes
Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue
Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies 0 Likes
(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue
Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies 0 Likes
(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue
Started by CISO Platform. Last reply by Bhushan Deo Mar 20, 2020. 12 Replies 0 Likes
(question posted on behalf of a CISO member)Due to CORONA virus most of the organizations are allowing their employees to work form home.Has any one issued security advisory for work from home ?Continue
Tags: #COVID19
# Manageengine Adaudit Plus -vs- Netwrix Auditor
# Rapid7 Nexpose -vs- Tenable Network Security Nessus
# Algosec Firewall Analyzer -vs- Tufin Orchestration Suite
# Hp Arcsight Siem Solutionarcsight Express -vs- Splunk Enterprise Splunk Cloud Splunk Light
# Cisco Meraki Mx Appliances -vs- Fortinet Fortigate
# Cloud Access Security Broker
# Distributed Denial of Service
# Network Advanced Threat Protection
Follow us
© 2021 Created by CISO Platform.
Powered by
Badges | Report an Issue | Privacy Policy | Terms of Service
You need to be a member of CISO Platform to join the discussion!
Join CISO Platform