New NetCAT CPU side-channel vulnerability exploitable over the network

By GIXnews

Researchers have found yet another CPU feature that can be abused to leak potentially sensitive data, but this time with a twist: The attacker doesn’t need to have local access on the targeted machine because the attack works over the network.

[ Find out how 4 deception tools deliver truer network security. | Get the latest from CSO by signing up for our newsletters. ]

The culprit is Intel’s Data Direct I/O (DDIO) technology, which gives peripheral devices such as network cards direct access to the processor’s internal cache to achieve better performance, less power consumption, and higher data throughput. Before DDIO, these devices exchanged data with the CPU through RAM, whose latency can be a bottleneck.

To read this article in full, please click here

Source:: IT news – Security