The fine researchers at Google have released the juicy details on EntrySign, the AMD Zen microcode issue we first covered about a month ago. And to give away the punchline: cryptography is hard. It’s hard in lots of ways, but the AMD problem here is all about keeping track of the guarantees provided by cryptographic primitives.
The vulnerability is in the verification of microcode updates for AMD’s Zen processor family. To understand microcode, you have to understand that X86-64 processors are actually built out of proprietary Reduced Instruction Set Computer (RISC) cores, that then emulate the more complex X86-64 complex instruction set computer (CISC) cores. Microcode is the firmware that controls that emulation step. For the security guarantees of modern computing, it’s rather important that CPUs only run signed microcode from the CPUs vendor. AMD has a pretty straightforward system to sign and then verify microcode patches.
Each patch includes a 2048-bit RSA public key and signature, verifying that the microcode was actually signed by the holder of the corresponding private key. The CPU hashes that public key, and compares it to a 128-bit value that was burned into the CPU at manufacture time. The intent is that if the hash matches, the public key must be the same. The problem was the hashing algorithm used for this step.
For this scheme to work, it would need a collision resistant cryptographic hashing function. The security of the scheme relies on the idea that it’s effectively impossible to find another public key that results in the same hash output. Finding a collision on that output value completely breaks the scheme.
AMD chose the AES Cipher Message Authentication Code (AES-CMAC) hash algorithm. AES-CMAC takes a message and key, and generates a Message Authentication Code (MAC). That MAC can then be used to verify that the message has not been tampered with. It can be thought of as a keyed hash with conditional collision resistance. But most importantly, if the secret key is known, none of those guarantees are valid. If the key is known, AES-CMAC fails to provide effective collision resistance in its output. And of course, the specific AES-CMAC key used in AMD Zen processors could be extracted, and turned out to be a NIST example key. To be clear, there is nothing wrong with AES-CMAC itself, it’s just the wrong algorithm for this use.
There’s one more clever trick that was needed to pull this together. The AES-CMAC collision only generates a public RSA key. How would an attacker take this arbitrary public key and produce the private key needed to sign these microcode updates? Isn’t one of the primary guarantees of RSA itself, that the private key can’t be derived from the public key? Only if the keypair is actually based on large prime numbers. After generating a few of these candidate public keys, one was discovered that was relatively easy to factor, as it was the product of more than just two primes. AMD’s fix replaces this hashing function with an appropriate cryptographic hash, preventing any microcode tampering.
Telegram and EvilLoader
The Telegram app has a weird problem deciding what to do with a .htm file sent as a video using the telegram API. Telegram tries to treat it as a video, and offers to open an external program to play the video. Because it’s actually HTML content, the “video” is opened in the browser, potentially running malicious JavaScript in that context.
This can be further used to trick an unsuspecting user into downloading a fake video player APK, to try to play this video, potentially leading to device compromise. This vulnerability is still unpatched as of time of writing, but has been widely known in the expected places. It may not be a 0-click RCE, but this one still has the potential for misuse.
More Info on The Heist
Last week we told you about the biggest heist in history, with Bybit getting hacked for cryptocurrency worth $1.5 billion. We know a bit more now, as the Bybit CEO has published the preliminary security report. The short story is that the North Korean Lazarus Group compromised a Safe{Wallet} developer workstation and gained access to an AWS or CloudFront API key. This was used to serve malicious JavaScript to Bybit, and that JavaScript disguised a malicious transaction, leading to the loss.
In retrospect there’s a glaring security problem with the Safe{Wallet} system that Bybit used: The reliance on JavaScript served from an outside server. It should take more than simple access to an AWS account to pull off a $1.5 billion heist.
Hyperjack
What happens when a process in a Virtual Machine (VM) can escape the virtual environment and take over the hypervisor? Nothing good. It’s known as hyperjacking, and VMware has a trio of vulnerabilities that makes it possible, across every version of ESXi, Workstation, Fusion, and Telco platforms — everything containing the ESX hypervisor.
And VMware says the vulnerabilities are being used in-the-wild. Patches are available, and this seems like a definite hair on fire scenario for anyone that may have untrusted tenants on VMware powered VMs.
Bits and Bytes
Have you ever wondered if a Stingray was operating in your area? That’s the cell tower simulator used to capture and analyze cell traffic, potentially breaking cell phone call encryption. EFF has released Rayhunter, and open source tool that captures cellular traffic and tries to detect Stingray-style traffic manipulation. The best part is that it runs on the Orbic RC400L mobile hotspot, a $20 piece of hardware.
How long does it take for your infrastructure to be probed after accidentally posting an AWS key online? As little as 10 hours, according to tests done by Clutch Security. Some forums are a bit friendlier, with Reddit users pointing out the leaked key and the post eventually getting deleted for the same reason.
And finally we have the four horsemen of WordPress Backdoors. About a thousand WordPress sites were infected with a JavaScript file, and this campaign spared no expense with adding backdoors to the sites. The infection added a malicious plugin, code into wp-config.php, new SSH keys, and what looks like a reverse shell. Somebody really wants to maintain access to those WordPress sites.
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.
By Nermeen Nabil Khear 
