Wednesday, 23 April 2025

AML Injection Attacks on Confidential VMs

...In this talk, we reveal a previously unrecognized attack vector that allows a malicious host to execute arbitrary code in confidential VMs without being detected, thereby compromising the guest's confidential data. This attack exploits the ACPI framework to inject ACPI Machine Language (AML) code into confidential VMs, allowing the host to access guest OS memory from inside the VMs. This attack vector not only leads to vulnerabilities in current confidential VMs, but also poses the inherent challenge of trusting proprietary firmware provided by untrusted clouds, which requires a long-term effort to resolve.

By: Satoru Takekoshi & Manami Mori

Full Abstract and Presentation Materials: https://ift.tt/ksh54iW

source https://www.youtube.com/watch?v=xiirxSDkMBs
