CPU

Hacked Within a Minute

Intel is dominating the cybersecurity headlines again for the wrong reasons.

F-Secure, a Finnish based cybersecurity firm, has reported their researchers discovered an easy manipulation of Intel Active Management Technology, or AMT, which bypasses the login processes. This behavior bug could allow anyone with physical access to your laptop to set up a backdoor in less than a minute.

It doesn’t require any code, nor does it appear as a noticeable change. With a short distraction or moment of inattention, your device could be set up as the gateway into the network it’s connected to.

The best way to mitigate this risk is to use a comprehensive management solution like Syxsense. CMS can manage any device, anytime, all from the cloud.

Within Syxsense, you can create queries to easily see selections of devices based on a multitude of criteria. For instance, if you wanted to see every Intel based laptop within your environment, it would only take a few clicks to do just that.

The device health indicator icons show you, at a glance, which devices require updates. Because these are color coded, you can also quickly see the severity of the updates needed.

As soon as Syxsense has an update from Intel, you’ll see a notification within your console. These alerts ensure you know when new updates arrive. There’s a better way to manager your environment. Get started today.

Protect Yourself from the Worldwide ‘Meltdown’

Reports across the internet are confirming that every CPU since 1995, whether it’s Intel, AMD, ARM, or other, has a major security flaw.

According to Google’s Project Zero, and admissions by the CPU’s own manufactures, there is an issue with how chips handle speculative execution, allowing access to passwords and other sensitive data without leaving a trace.

The two attack vectors that researchers are concerned about are Meltdown and Spectre. It is not entirely certain if security products can even detect these malware. To be clear, there is no evidence of exploitation yet, but researchers are deeply worried. They pointed out that the attacks don’t leave any traces in traditional log files and they are unlikely to be detected by security products.

Attacks using this exploit can be launched against PCs, mobile devices, and servers. Any devices that have CPUs manufactured by Intel, AMD, and ARM are vulnerable. Which, in short, is almost every CPU based device in the world.

Developers are rushing to create updates that will close this vulnerability. It seems Windows and Mac have already slipped in updates that should help mitigate exposure to this vulnerability. But it is believed that Microsoft will release an update within their usual Patch Tuesday content, and that other companies will quickly follow.

We highly recommend Syxsense customers download the latest patch updates to their systems as soon as possible. The required updates are now available within our patch content.

If you aren’t already using Syxsense, ask yourself: Does my IT management tool give me access to the latest content? Does it provide the ability to distribute Microsoft and third party updates? Can you scan and target Windows, Mac, and Linux devices?’

With Syxsense, manage anything, anytime, all from the cloud. Start a trial today.