Side-channel attacks

Spectre (security vulnerability)

Spectre refers to one of the two original transient execution CPU vulnerabilities (the other being Meltdown), which involve microarchitectural timing side-channel attacks. These affect modern microprocessors that perform branch prediction and other forms of speculation.On most processors, the speculative execution resulting from a branch misprediction may leave observable side effects that may reveal private data to attackers. For example, if the pattern of memory accesses performed by such speculative execution depends on private data, the resulting state of the data cache constitutes a side channel through which an attacker may be able to extract information about the private data using a timing attack. Two Common Vulnerabilities and Exposures IDs related to Spectre, CVE-2017-5753 (bounds check bypass, Spectre-V1, Spectre 1.0) and CVE-2017-5715 (branch target injection, Spectre-V2), have been issued. JIT engines used for JavaScript were found to be vulnerable. A website can read data stored in the browser for another website, or the browser's memory itself. In early 2018, Intel reported that it would redesign its CPUs to help protect against the Spectre and related Meltdown vulnerabilities (especially, Spectre variant 2 and Meltdown, but not Spectre variant 1). On 8 October 2018, Intel was reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors. (Wikipedia).

Spectre (security vulnerability)
Video thumbnail

Intrusion Detection: Part 1

Fundamental concepts of intrusion detection are discussed. Various types of intrusion are analyzed. Password management is explained.

From playlist Network Security

Video thumbnail

Computer Security Terminology

http://www.365computersecuritytraining.com This video is an excerpt from our online training in computer security. It Covers some of the basic terminology used in the information technology security profession. Some of the terms covered are: Vulnerability, Threats, Assets, Risk...and

From playlist awareness

Video thumbnail

Intrusion Detection: Part 2

Fundamental concepts of intrusion detection are discussed. Various types of intrusion are analyzed. Password management is explained.

From playlist Network Security

Video thumbnail

Introduction To Vulnerability Scanning

In this video, I will be introducing you to the process of performing vulnerability scanning, the role it plays in a vulnerability management program, and how it can be used in a penetration test. Vulnerability Scanning is the process of scanning and identifying vulnerabilities, misconfigu

From playlist Nessus

Video thumbnail

How Meltdown and Spectre Make Your Computer Vulnerable

Another year, another security breach that could expose all of your information. Installing updates might be a good New Year's resolution. Check out the Crash Course Computer Science series at youtube.com/crashcourse We're conducting a survey of our viewers! If you have time, please give

From playlist Uploads

Video thumbnail

1.4 Risks in the Internet

From playlist Internet Security for Beginners by Dr. Christoph Meinel

Video thumbnail

Meltdown and Spectre - Professor Mark Handley, UCL

The Meltdown and Spectre vulnerabilities in almost all modern CPUs have received a great deal of publicity in the last week. Operating systems and hypervisors need significant changes to how memory management is performed, CPU firmware needs updating, compilers are being modified to avoid

From playlist Data science classes

Video thumbnail

Security for Modern Webapps: New Web Platform Security Features to Protect your Application

Web applications have historically been plagued by vulnerabilities which allow attackers to compromise the session of a logged-in user: XSS, CSRF, clickjacking and related issues. Luckily, new security mechanisms available in web browsers in 2019 offer exciting features which allow develop

From playlist Security

Video thumbnail

Hacking Livestream #43: Meltdown and Spectre

A much requested live about recent CPU vulnerabilities. A lot of links below. https://googleprojectzero.blogspot.ch/ https://www.youtube.com/watch?v=6O8LTwVfTVs http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table http://www.openwall.com/lists/os

From playlist Gynvael's [EN] Live

Video thumbnail

Kernel Recipes 2019 - CVEs are dead, long live the CVE!

For the Linux kernel, CVEs do not work at all given the rate of fixes being applied and rapidly backported and pushed to users through a huge variety of different ways. The average “request to fix” date for Linux CVEs is -100 days, showing that either no one cares about CVEs for Linux, or

From playlist Kernel Recipes 2019

Video thumbnail

Stanford Seminar - Exploiting modern microarchitectures: Meltdown, Spectre, & other hardware attacks

EE380: Computer Systems Colloquium Seminar Exploiting modern microarchitectures: Meltdown, Spectre, and other hardware attacks Speaker: Jon Masters, Redhat Recently disclosed vulnerabilities against modern high performance computer microarchitectures known as 'Meltdown' and 'Spectre' are

From playlist Stanford EE380-Colloquium on Computer Systems - Seminar Series

Video thumbnail

Application Security Tutorial | Application Security Basics | Cyber Security Tutorial | Simplilearn

In this application tutorial, we will cover application security basics in this cyber security tutorial. We will cover the basic definitions of application security, along with the different types and categories of application security. Next we cover the common application security vulnera

From playlist Cyber Security Playlist [2023 Updated]🔥

Video thumbnail

Spectre Meltdown Vulnerability - How To Check Your System

Hey guys! HackerSploit here back again with another video, in this video, i am going to be showing you how to detect and mitigate the Spectre and Meltdown CVE's on Linux, more specifically Kali Linux. Github Repo: https://github.com/speed47/spectre-meltdown-checker ----------------------

From playlist Linux

Video thumbnail

How To Use Nessus Professional For Ethical Hacking | Session 02 | #cybersecurity

Don’t forget to subscribe! In this project you will learn about how to use Nessus professional for ethical hacking, Nessus is a vulnerability scanner developed by Tenable. Learn how to identify vulnerabilities using Nessus and learn about the working of the tool. Nessus pro vulnerabilit

From playlist Use Nessus Professional For Ethical Hacking

Video thumbnail

Digital security - threats, risks and how to protect yourself | Part I

Support this channel on Patreon https://www.patreon.com/thehatedone Part I of the full talk with Daniel from Safing.io. We discuss the current state of digital security, most common threats, GDPR, artificial intelligence and quantum computing. Monero: 84DYxU8rPzQ88SxQqBF6VBNfPU9c5sjDXfTC

From playlist Security by compartmentalization - learn to protect your privacy effectively

Video thumbnail

What Is Malware? | Malware Explained | What Is Malware And It's Types? | Malware Attack |Simplilearn

In this video on what is malware?, we will get to understand malware explained, what is malware and it's types? We will also know specifically about viruses and trojans, their operation process, types of malicious programs, and how to prevent a malware attack. Through this, we can protect

From playlist Cyber Security Playlist [2023 Updated]🔥

Video thumbnail

Most Common CyberSecurity Threats | CyberSecurity Attacks | CyberSecurity For Beginners |Simplilearn

This video from the cybersecurity domain will acquaint you with the Most Common Cybersecurity Threats faced in today's times. Cybersecurity holds paramount importance in safeguarding our digital data. This video will take you through cybersecurity attacks and how you can prevent them. 🔥Enr

From playlist Cyber Security Playlist [2023 Updated]🔥

Video thumbnail

Kernel Recipes 2019 - Kernel hacking behind closed doors

The recent hardware security vulnerabilites exposed the kernel community to unprecedented restrictions and bureaucrazy. Pure software bugs which only affect the Linux kernel are a completely different category and the kernel community has established and well working ways to handle them.

From playlist Kernel Recipes 2019

Video thumbnail

Bitcoin Q&A: 2FA and Secure Hardware

How secure is Google Authenticator? What are some hardware two-factor authentication options? When will these hardware security options become cheap enough for frontier markets? Chapters 0:00 How secure is Google Authenticator? Can they hack your wallet as a middleman? 2:42 Lack of afford

From playlist English Subtitles - aantonop Videos with subtitles in English

Video thumbnail

Security Vulnerability Mitigations

Security vulnerabilities allow software to be manipulated in such a way that it misbehaves to the benefit of an attacker - security vulnerability mitigations work to thwart attempts to successfully exploit such a vulnerability. This landscape is continually changing in both the types of at

From playlist Security

Related pages

Meltdown (security vulnerability) | Skylake (microarchitecture) | Timing attack | Speculative Store Bypass | RSA (cryptosystem) | Advanced Encryption Standard | Data Encryption Standard