Intel has an AEpic Security Problem | Gestalt IT Rundown: August 10, 2022

It's Black Hat and DEFCON week and it wouldn't be a show without the disclosure of a few big bugs. The winner so far seems to be a new exploit found in Intel's SGX memory encryption technology. Per pre-briefing ahead of a talk happening today, security researchers found a flaw in the Advanced Programmable Interrupt Controller (APIC) that allows them to read uninitialized memory that could contain stale data before it's cleared by the CPU. Unlike Spectre and Meltdown, this isn't a side channel attack. It's a flaw in the CPU architecture. This means that attackers can recover data very quickly. Tests showed a 128-bit AES encryption key could be recovered in less than 2 seconds with 94% accuracy and a 1024-bit RSA key could be nabbed in about a minute and a half with 74% accuracy. Intel is saying the exploit is on their 10th, 11th, and 12th gen processors which includes Ice Lake but no mention of Sapphire Rapids. This and more on this week's episode of the Rundown. Head to GestaltIT.com for show notes.   Time Stamps: 00:00 - Welcome to the Rundown! 00:49 - MinIO Miffed at Nutanix 03:38 - Netskope Acquires Infiot 7:18 - Nvidia Misses on Inventory Markdown 9:36 - Todd Nightingale Departs Meraki for Fastly 14:56 - Intel has an AEpic Security Problem 26:07 - The Weeks Ahead 27:07 - Thanks for Watching The Rundown Follow our hosts on Social Media Tom Hollingsworth: https://www.twitter.com/NetworkingNerd Stephen Foskett: https://www.twitter.com/SFoskett Max Mortillaro: https://www.twitter.com/MaxMortillaro   Follow Gestalt IT Website: https://www.GestaltIT.com/ Twitter: https://www.twitter.com/GestaltIT LinkedIn: https://www.linkedin.com/company/gestalt-it/