Benjamin Carr, Ph.D. 👨🏻💻🧬<p><a href="https://hachyderm.io/tags/AMD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AMD</span></a> discloses slew of high severity <a href="https://hachyderm.io/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://hachyderm.io/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> for <a href="https://hachyderm.io/tags/Zen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zen</span></a> systems, from the original Zen chips to the latest <a href="https://hachyderm.io/tags/Zen4" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zen4</span></a> <a href="https://hachyderm.io/tags/CPU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPU</span></a>, that attacks <a href="https://hachyderm.io/tags/BIOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BIOS</span></a> chips, we finally have a <a href="https://hachyderm.io/tags/Zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zenbleed</span></a> fix. AMD is patching the vulnerabilities through new versions of <a href="https://hachyderm.io/tags/AGESA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGESA</span></a>, for <a href="https://hachyderm.io/tags/Zen2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zen2</span></a>-based chips, in particular, many of these new AGESAs also patch Zenbleed, including <a href="https://hachyderm.io/tags/Epyc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Epyc</span></a> <a href="https://hachyderm.io/tags/Server" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Server</span></a> chips <a href="https://bit.ly/3I1JKds" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">bit.ly/3I1JKds</span><span class="invisible"></span></a> <a href="https://www.tomshardware.com/pc-components/cpus/amd-discloses-slew-of-high-severity-security-vulnerabilities-for-zen-chips-that-attack-bios-chips-updates-aim-to-patch-bugs-finally-fix-zenbleed" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tomshardware.com/pc-components</span><span class="invisible">/cpus/amd-discloses-slew-of-high-severity-security-vulnerabilities-for-zen-chips-that-attack-bios-chips-updates-aim-to-patch-bugs-finally-fix-zenbleed</span></a></p>
101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.
Administered by:
Server stats:
490active users
101010.pl: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0-beta.2
#zenbleed
0 posts · 0 participants · 0 posts today
IT News<p>This Week in Security: 1Password, Polyglots, and Roundcube - This week we got news of a security incident at 1Password, and we’re certain we ar... - <a href="https://hackaday.com/2023/10/27/this-week-in-security-1password-polyglots-and-roundcube/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2023/10/27/this-w</span><span class="invisible">eek-in-security-1password-polyglots-and-roundcube/</span></a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hackadaycolumns</span></a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityhacks</span></a> <a href="https://schleuss.online/tags/1password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>1password</span></a> <a href="https://schleuss.online/tags/roundcube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>roundcube</span></a> <a href="https://schleuss.online/tags/polyglot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>polyglot</span></a> <a href="https://schleuss.online/tags/zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zenbleed</span></a> <a href="https://schleuss.online/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>news</span></a></p>
DarkCyberman<p><span class="h-card"><a href="https://infosec.exchange/@merill" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>merill</span></a></span> I dislike the additional dependency on Microsoft managed infrastructure. Their track record isn’t great lately given <a href="https://nerdculture.de/tags/solarwinds" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>solarwinds</span></a>, <a href="https://nerdculture.de/tags/bluebleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bluebleed</span></a> and their e-mail/key hack. I can’t even find a reasonable statement about <a href="https://nerdculture.de/tags/zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zenbleed</span></a> for Azure.</p>
DarkCyberman<p>Can’t find any statement from Microsoft regarding Azure and <a href="https://nerdculture.de/tags/zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zenbleed</span></a> (CVE-2023-20593) mitigation. At least Aws and google published statements for their clouds.</p>
ricardo :mastodon:<p><a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> Kernel Updated To Add <a href="https://fosstodon.org/tags/Zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zenbleed</span></a> Fix For Valve's <a href="https://fosstodon.org/tags/SteamDeck" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SteamDeck</span></a> :steamdeck: </p><p><a href="https://www.phoronix.com/news/Linux-Zenbleed-Steam-Deck" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">phoronix.com/news/Linux-Zenble</span><span class="invisible">ed-Steam-Deck</span></a></p>
Ubuntu Security<p>On the <span class="h-card"><a href="https://ubuntu.social/@ubuntu" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ubuntu</span></a></span> <a href="https://fosstodon.org/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> Podcast this week we look at the AMD <a href="https://fosstodon.org/tags/Zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zenbleed</span></a> vuln plus we cover security updates for the Linux kernel, a high profile OpenSSH vuln and finally Andrei is back covering recent academic research in machine learning safeguards <a href="https://ubuntusecuritypodcast.org/episode-204/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ubuntusecuritypodcast.org/epis</span><span class="invisible">ode-204/</span></a></p>
The Register<p>Unfortunately <span class="h-card"><a href="https://geeknews.chat/@theregister" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>theregister</span></a></span> published misleading and incorrect information that using QEMU (i.e. KVM / Firecracker) mitigates the AMD <a href="https://geeknews.chat/tags/Zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zenbleed</span></a> exploit.</p><p>_It does not_</p><p>We demo the exploit in a GitHub Action and show how to mitigate it.<br><a href="https://actuated.dev/blog/amd-zenbleed-update-now" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">actuated.dev/blog/amd-zenbleed</span><span class="invisible">-update-now</span></a></p><p><a href="https://geeknews.chat/tags/bot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bot</span></a><br>Original tweet : <a href="https://nitter.it/alexellisuk/status/1685952872125460480" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nitter.it/alexellisuk/status/1</span><span class="invisible">685952872125460480</span></a></p>
Xavier «X» Santolaria :verified_paw: :donor:<p>📨 Latest issue of my curated <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> and <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> list of resources for week #30/2023 is out! It includes the following and much more:</p><p>➝ 🇷🇺 🇪🇺 <a href="https://infosec.exchange/tags/BlueBravo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BlueBravo</span></a> Deploys GraphicalProton Backdoor Against European Diplomatic Entities<br>➝ 🇰🇵 💸 <a href="https://infosec.exchange/tags/CoinsPaid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CoinsPaid</span></a> Blames North Korean Hackers for $37 Million Cryptocurrency Heist<br>➝ 👥 💸 <a href="https://infosec.exchange/tags/BreachForums" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BreachForums</span></a> database and private chats for sale in hacker data breach<br>➝ 🇺🇸 🔓 Up to 11 Million People Hit by <a href="https://infosec.exchange/tags/MOVEit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MOVEit</span></a> Hack at Government Services Firm Maximus<br>➝ 🇦🇺 🇺🇸 Cybersecurity Agencies Warn Against <a href="https://infosec.exchange/tags/IDOR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IDOR</span></a> Bugs Exploited for Data Breaches<br>➝ 🔓 🐧 GameOver(lay): Two Severe <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> Vulnerabilities Impact 40% of Ubuntu Users<br>➝ 🦠 🗣️ <a href="https://infosec.exchange/tags/Deloitte" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Deloitte</span></a> denies <a href="https://infosec.exchange/tags/Cl0p" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cl0p</span></a> data breach impacted client data in wake of MOVEit attack<br>➝ 🇺🇸 🇨🇳 US Senator Wyden Accuses <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> of ‘Cybersecurity Negligence’<br>➝ 🇨🇦 🫀 <a href="https://infosec.exchange/tags/CardioComm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CardioComm</span></a>, a provider of <a href="https://infosec.exchange/tags/ECG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ECG</span></a> monitoring devices, confirms cyberattack downed its services<br>➝ 🇲🇽 💸 Fenix <a href="https://infosec.exchange/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybercrime</span></a> Group Poses as Tax Authorities to Target Latin American Users<br>➝ 🇺🇸 💰 <a href="https://infosec.exchange/tags/SEC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SEC</span></a> now requires companies to disclose cyberattacks in 4 days<br>➝ ✨ 👀 <a href="https://infosec.exchange/tags/NATO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NATO</span></a> investigates alleged data theft by <a href="https://infosec.exchange/tags/SiegedSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SiegedSec</span></a> hackers<br>➝ 🇷🇺 ⚖️ Russian Cybersecurity Firm Founder Jailed for 14 Years<br>➝ 🇳🇱 ⚓️ Maritime Cyberattack Database Launched by Dutch University<br>➝ 🦠 🍏 Realst Mac <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> targets macOS <a href="https://infosec.exchange/tags/Sonoma" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sonoma</span></a><br>➝ 🔐 📝 <a href="https://infosec.exchange/tags/IBM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IBM</span></a> Report: Half of Breached Organizations Unwilling to Increase Security Spend Despite Soaring Breach Costs<br>➝ 🇳🇱 🚔 Researchers find deliberate <a href="https://infosec.exchange/tags/backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backdoor</span></a> in police radio <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encryption</span></a> algorithm<br>➝ 🇰🇵 🥷🏻 <a href="https://infosec.exchange/tags/JumpCloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JumpCloud</span></a> hack linked to <a href="https://infosec.exchange/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NorthKorea</span></a> after <a href="https://infosec.exchange/tags/OPSEC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OPSEC</span></a> mistake<br>➝ 🩹 <a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a> patches MobileIron zero-day bug exploited in attacks<br>➝ 🇳🇴 🥷🏻 <a href="https://infosec.exchange/tags/Norway" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Norway</span></a> government ministries hit by cyber attack<br>➝ 🧘🏻 🩸 <a href="https://infosec.exchange/tags/Zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zenbleed</span></a> attack leaks sensitive data from <a href="https://infosec.exchange/tags/AMD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AMD</span></a> Zen2 processors<br>➝ 🩹 🍏 <a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apple</span></a> fixes new zero-day used in attacks against iPhones, Macs<br>➝ 🦠 🏦 <a href="https://infosec.exchange/tags/Banking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Banking</span></a> Sector Targeted in Open-Source Software Supply Chain Attacks</p><p><a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/TETRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TETRA</span></a> <a href="https://infosec.exchange/tags/IoT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IoT</span></a> <a href="https://infosec.exchange/tags/MIoT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MIoT</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> </p> <p>📚 This week's recommended reading is: "Evading EDR: A Comprehensive Guide to Defeating Endpoint Detection Systems" by Matt Hand</p> <p>Subscribe to the <a href="https://infosec.exchange/tags/infosecMASHUP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosecMASHUP</span></a> newsletter to have it piping hot in your inbox every week-end ⬇️</p><p><a href="https://infosec-mashup.santolaria.net/p/infosec-mashup-week-302023" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec-mashup.santolaria.net/</span><span class="invisible">p/infosec-mashup-week-302023</span></a></p>
Harry Sintonen<p><a href="https://infosec.exchange/tags/Debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Debian</span></a> has released a mitigation for the <a href="https://infosec.exchange/tags/zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zenbleed</span></a> vulnerability CVE-2023-20593: "[DSA 5461-1] linux security update"</p><p>This kernel update will identify if the CPU is affected (and no microcode update has been installed) and enable the "chicken bit" if needed.</p><p><a href="https://lists.debian.org/debian-security-announce/2023/msg00153.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lists.debian.org/debian-securi</span><span class="invisible">ty-announce/2023/msg00153.html</span></a></p>
IT News<p>This Week in Security: Zenbleed, Web Integrity, and More! - Up first is Zenbleed, a particularly worrying speculative execution bug, that unfo... - <a href="https://hackaday.com/2023/07/28/this-week-in-security-zenbleed-web-integrity-and-more/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2023/07/28/this-w</span><span class="invisible">eek-in-security-zenbleed-web-integrity-and-more/</span></a> <a href="https://schleuss.online/tags/thisweekinsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thisweekinsecurity</span></a> <a href="https://schleuss.online/tags/hackadaycolumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hackadaycolumns</span></a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityhacks</span></a> <a href="https://schleuss.online/tags/zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zenbleed</span></a> <a href="https://schleuss.online/tags/ubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ubuntu</span></a></p>
XCP-ng<p>July Security Updates! 🚀</p><p>This one is rather crucial is you are running AMD EPYC CPUs, due to a fix in <a href="https://social.vates.tech/tags/zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zenbleed</span></a> via a CPU microcode update.</p><p>Read the details here:</p><p><a href="https://xcp-ng.org/blog/2023/07/27/july-2023-security-update-zenbleed/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">xcp-ng.org/blog/2023/07/27/jul</span><span class="invisible">y-2023-security-update-zenbleed/</span></a></p>
AlmaLinux<p>We have seen a ton of testing and no reported errors, so we are releasing our <a href="https://fosstodon.org/tags/Zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zenbleed</span></a> patches tomorrow at 7am eastern US time. Get the details and join the conversation here: <a href="https://almalinux.discourse.group/t/zenbleed-patch-release-7am-eastern-us-time-7-27-23/2802" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">almalinux.discourse.group/t/ze</span><span class="invisible">nbleed-patch-release-7am-eastern-us-time-7-27-23/2802</span></a> <a href="https://fosstodon.org/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a></p>
ChiefGyk3D<p>We have a huge <a href="https://social.chiefgyk3d.com/tags/AMD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AMD</span></a> vulnerability discovered called <a href="https://social.chiefgyk3d.com/tags/Zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zenbleed</span></a>. Patches are already available in <a href="https://social.chiefgyk3d.com/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> but not <a href="https://social.chiefgyk3d.com/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> and official updates may not be until October</p><p><a href="https://social.chiefgyk3d.com/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://social.chiefgyk3d.com/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p><a href="https://www.xda-developers.com/zenbleed/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="">xda-developers.com/zenbleed/</span><span class="invisible"></span></a></p>
John Carlsen 🇺🇸🇳🇱🇪🇺<p><span class="h-card"><a href="https://mstdn.io/@deutrino" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>deutrino</span></a></span> </p><p>Just this week I had reflected on how <a href="https://sfba.social/tags/AMD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AMD</span></a> <a href="https://sfba.social/tags/Zen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zen</span></a> processors are in most of the current generation of <a href="https://sfba.social/tags/VideoGame" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VideoGame</span></a> systems (other than Nintendo Switch).</p><p><a href="http://syncopate.us/articles/2007/b02a" rel="nofollow noopener" target="_blank"><span class="invisible">http://</span><span class="ellipsis">syncopate.us/articles/2007/b02</span><span class="invisible">a</span></a> </p><p>Until the <a href="https://sfba.social/tags/ZenBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZenBleed</span></a> exploit can be neutralized, better not browse web sites on those systems.</p><p><a href="https://sfba.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a></p>
Thomas Hurst<p>Here's an rc script for <a href="https://hachyderm.io/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeBSD</span></a> to apply (and remove) the <a href="https://hachyderm.io/tags/Zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zenbleed</span></a> MSR "chicken bit" workaround.</p><p>Simply drop in /usr/local/etc/rc.d/zenbleed_workaround, run `service zenbleed_workaround enable` and then `service zenbleed_workaround start`.</p><p><a href="https://gist.github.com/Freaky/2560975d3c94246b86f464b8be75c967" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gist.github.com/Freaky/2560975</span><span class="invisible">d3c94246b86f464b8be75c967</span></a></p>
deutrino<p>Encryption-breaking, password-leaking bug in many AMD CPUs could take months to fix</p><p>Zen 2 processors don't properly recover from certain kinds of mispredictions, which is the bug that <a href="https://mstdn.io/tags/Zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zenbleed</span></a> exploits to do its thing. The bug affects all processors based on AMD's Zen 2 architecture.</p><p>The exploit can be triggered by loading JavaScript on a malicious website, but at least for now, there don't seem to be any cases of this bug being exploited in the wild.</p><p><a href="https://arstechnica.com/information-technology/2023/07/encryption-breaking-password-leaking-bug-in-many-amd-cpus-could-take-months-to-fix/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/information-te</span><span class="invisible">chnology/2023/07/encryption-breaking-password-leaking-bug-in-many-amd-cpus-could-take-months-to-fix/</span></a></p><p><a href="https://mstdn.io/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mstdn.io/tags/AMD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AMD</span></a></p>
hachi<span class="h-card"><a class="u-url mention" href="https://gameliberty.club/@xianc78" rel="nofollow noopener" target="_blank">@<span>xianc78</span></a></span> Men's rights activists are just a bunch of horny men that want to dominate women. This post is exact proof. He just complains that women have opinions on things and that makes him mad.<br><br>You also have people like <span class="h-card"><a class="u-url mention" href="https://detroitriotcity.com/users/ArdainianRight" rel="nofollow noopener" target="_blank">@<span>ArdainianRight</span></a></span> who just recently said that women should be forced to shave.<br><br><a class="hashtag" href="https://detroitriotcity.com/tag/lgbtrights" rel="nofollow noopener" target="_blank">#LGBTRights</a> <a class="hashtag" href="https://detroitriotcity.com/tag/transrights" rel="nofollow noopener" target="_blank">#TransRights</a> <a class="hashtag" href="https://detroitriotcity.com/tag/transrightsarehumanrights" rel="nofollow noopener" target="_blank">#TransRightsAreHumanRights</a> <a class="hashtag" href="https://detroitriotcity.com/tag/queergenocide" rel="nofollow noopener" target="_blank">#QueerGenocide</a> <a class="hashtag" href="https://detroitriotcity.com/tag/blacklivesmatter" rel="nofollow noopener" target="_blank">#BlackLivesMatter</a> <a class="hashtag" href="https://detroitriotcity.com/tag/stopasianhate" rel="nofollow noopener" target="_blank">#StopAsianHate</a> <a class="hashtag" href="https://detroitriotcity.com/tag/disabilityrights" rel="nofollow noopener" target="_blank">#DisabilityRights</a> <a class="hashtag" href="https://detroitriotcity.com/tag/genocide" rel="nofollow noopener" target="_blank">#Genocide</a> <a class="hashtag" href="https://detroitriotcity.com/tag/eugenics" rel="nofollow noopener" target="_blank">#Eugenics</a> <a class="hashtag" href="https://detroitriotcity.com/tag/racism" rel="nofollow noopener" target="_blank">#Racism</a> <a class="hashtag" href="https://detroitriotcity.com/tag/sexism" rel="nofollow noopener" target="_blank">#Sexism</a> <a class="hashtag" href="https://detroitriotcity.com/tag/ableism" rel="nofollow noopener" target="_blank">#Ableism</a> <a class="hashtag" href="https://detroitriotcity.com/tag/sanism" rel="nofollow noopener" target="_blank">#Sanism</a> <a class="hashtag" href="https://detroitriotcity.com/tag/silenceisviolence" rel="nofollow noopener" target="_blank">#SilenceIsViolence</a> <a class="hashtag" href="https://detroitriotcity.com/tag/ignoranceisviolence" rel="nofollow noopener" target="_blank">#IgnoranceIsViolence</a> <a class="hashtag" href="https://detroitriotcity.com/tag/stoptransgenocide" rel="nofollow noopener" target="_blank">#StopTransGenocide</a> <a class="hashtag" href="https://detroitriotcity.com/tag/transgenocide" rel="nofollow noopener" target="_blank">#TransGenocide</a> <a class="hashtag" href="https://detroitriotcity.com/tag/autisticgenocide" rel="nofollow noopener" target="_blank">#AutisticGenocide</a> <a class="hashtag" href="https://detroitriotcity.com/tag/blackgenocide" rel="nofollow noopener" target="_blank">#BlackGenocide</a> <a class="hashtag" href="https://detroitriotcity.com/tag/socialjustice" rel="nofollow noopener" target="_blank">#SocialJustice</a> <a class="hashtag" href="https://detroitriotcity.com/tag/womensrights" rel="nofollow noopener" target="_blank">#WomensRights</a> <a class="hashtag" href="https://detroitriotcity.com/tag/nonbinaryrights" rel="nofollow noopener" target="_blank">#NonBinaryRights</a> <a class="hashtag" href="https://detroitriotcity.com/tag/sexworkiswork" rel="nofollow noopener" target="_blank">#SexWorkIsWork</a> <a class="hashtag" href="https://detroitriotcity.com/tag/pluralrights" rel="nofollow noopener" target="_blank">#PluralRights</a> <a class="hashtag" href="https://detroitriotcity.com/tag/multiplicity" rel="nofollow noopener" target="_blank">#Multiplicity</a> <a class="hashtag" href="https://detroitriotcity.com/tag/endgop" rel="nofollow noopener" target="_blank">#EndGOP</a> <a class="hashtag" href="https://detroitriotcity.com/tag/endwhitesupremacy" rel="nofollow noopener" target="_blank">#EndWhiteSupremacy</a> <a class="hashtag" href="https://detroitriotcity.com/tag/republicansarenazis" rel="nofollow noopener" target="_blank">#RepublicansAreNazis</a> <a class="hashtag" href="https://detroitriotcity.com/tag/conservativesarenazis" rel="nofollow noopener" target="_blank">#ConservativesAreNazis</a> <a class="hashtag" href="https://detroitriotcity.com/tag/centristsarenazis" rel="nofollow noopener" target="_blank">#CentristsAreNazis</a> <a class="hashtag" href="https://detroitriotcity.com/tag/libertariansarenazis" rel="nofollow noopener" target="_blank">#LibertariansAreNazis</a> <a class="hashtag" href="https://detroitriotcity.com/tag/apoliticismisviolence" rel="nofollow noopener" target="_blank">#ApoliticismIsViolence</a> <a class="hashtag" href="https://detroitriotcity.com/tag/silenceisgenocide" rel="nofollow noopener" target="_blank">#SilenceIsGenocide</a> <a class="hashtag" href="https://detroitriotcity.com/tag/indigenousrights" rel="nofollow noopener" target="_blank">#IndigenousRights</a> <a class="hashtag" href="https://detroitriotcity.com/tag/romarights" rel="nofollow noopener" target="_blank">#RomaRights</a> <a class="hashtag" href="https://detroitriotcity.com/tag/pride" rel="nofollow noopener" target="_blank">#Pride</a> <a class="hashtag" href="https://detroitriotcity.com/tag/prideseason" rel="nofollow noopener" target="_blank">#PrideSeason</a> <a class="hashtag" href="https://detroitriotcity.com/tag/introductions" rel="nofollow noopener" target="_blank">#Introductions</a> <a class="hashtag" href="https://detroitriotcity.com/tag/newhere" rel="nofollow noopener" target="_blank">#NewHere</a> <a class="hashtag" href="https://detroitriotcity.com/tag/人増えてきたし自己紹介しようぜ" rel="nofollow noopener" target="_blank">#人増えてきたし自己紹介しようぜ</a> <a class="hashtag" href="https://detroitriotcity.com/tag/今更ですが自己紹介します" rel="nofollow noopener" target="_blank">#今更ですが自己紹介します</a> <a class="hashtag" href="https://detroitriotcity.com/tag/この子ひとりで自分を認識してもらえそうなうちの子見せて欲しい" rel="nofollow noopener" target="_blank">#この子ひとりで自分を認識してもらえそうなうちの子見せて欲しい</a> <a class="hashtag" href="https://detroitriotcity.com/tag/アイマス18周年パーティ中" rel="nofollow noopener" target="_blank">#アイマス18周年パーティ中</a> <a class="hashtag" href="https://detroitriotcity.com/tag/お絵描き部ワンドロ" rel="nofollow noopener" target="_blank">#お絵描き部ワンドロ</a> <a class="hashtag" href="https://detroitriotcity.com/tag/このタグをみた人は好きな寿司ネタを答える" rel="nofollow noopener" target="_blank">#このタグをみた人は好きな寿司ネタを答える</a> <a class="hashtag" href="https://detroitriotcity.com/tag/tongueouttuesday" rel="nofollow noopener" target="_blank">#TongueOutTuesday</a> <a class="hashtag" href="https://detroitriotcity.com/tag/幻日のヨハネ" rel="nofollow noopener" target="_blank">#幻日のヨハネ</a> <a class="hashtag" href="https://detroitriotcity.com/tag/christian" rel="nofollow noopener" target="_blank">#christian</a> <a class="hashtag" href="https://detroitriotcity.com/tag/smbe23" rel="nofollow noopener" target="_blank">#SMBE23</a> <a class="hashtag" href="https://detroitriotcity.com/tag/ノートのネタ帳" rel="nofollow noopener" target="_blank">#ノートのネタ帳</a> <a class="hashtag" href="https://detroitriotcity.com/tag/ドラマ" rel="nofollow noopener" target="_blank">#ドラマ</a> <a class="hashtag" href="https://detroitriotcity.com/tag/realistic" rel="nofollow noopener" target="_blank">#realistic</a> <a class="hashtag" href="https://detroitriotcity.com/tag/bidenomics" rel="nofollow noopener" target="_blank">#Bidenomics</a> <a class="hashtag" href="https://detroitriotcity.com/tag/baystars" rel="nofollow noopener" target="_blank">#baystars</a> <a class="hashtag" href="https://detroitriotcity.com/tag/あかあむ村ぬい撮り部" rel="nofollow noopener" target="_blank">#あかあむ村ぬい撮り部</a> <a class="hashtag" href="https://detroitriotcity.com/tag/あかあむ村運動部" rel="nofollow noopener" target="_blank">#あかあむ村運動部</a> <a class="hashtag" href="https://detroitriotcity.com/tag/webdesign" rel="nofollow noopener" target="_blank">#webdesign</a> <a class="hashtag" href="https://detroitriotcity.com/tag/manchester" rel="nofollow noopener" target="_blank">#manchester</a> <a class="hashtag" href="https://detroitriotcity.com/tag/artforsale" rel="nofollow noopener" target="_blank">#artforsale</a> <a class="hashtag" href="https://detroitriotcity.com/tag/このタグをみた人は好きな天ぷらを答える" rel="nofollow noopener" target="_blank">#このタグをみた人は好きな天ぷらを答える</a> <a class="hashtag" href="https://detroitriotcity.com/tag/zenbleed" rel="nofollow noopener" target="_blank">#zenbleed</a> <a class="hashtag" href="https://detroitriotcity.com/tag/mondayactionmovie" rel="nofollow noopener" target="_blank">#mondayactionmovie</a> <a class="hashtag" href="https://detroitriotcity.com/tag/marinespeciesasong" rel="nofollow noopener" target="_blank">#marinespeciesasong</a> <a class="hashtag" href="https://detroitriotcity.com/tag/アヒーッ" rel="nofollow noopener" target="_blank">#アヒーッ</a> <a class="hashtag" href="https://detroitriotcity.com/tag/tuesday" rel="nofollow noopener" target="_blank">#tuesday</a> <a class="hashtag" href="https://detroitriotcity.com/tag/このタグを見た人は好きな天ぷらを答える" rel="nofollow noopener" target="_blank">#このタグを見た人は好きな天ぷらを答える</a> <a class="hashtag" href="https://detroitriotcity.com/tag/rebrandedwithnox" rel="nofollow noopener" target="_blank">#rebrandedwithnox</a> <a class="hashtag" href="https://detroitriotcity.com/tag/grandprixtve" rel="nofollow noopener" target="_blank">#grandprixtve</a> <a class="hashtag" href="https://detroitriotcity.com/tag/thicktrunktuesday" rel="nofollow noopener" target="_blank">#thicktrunktuesday</a> <a class="hashtag" href="https://detroitriotcity.com/tag/episode8" rel="nofollow noopener" target="_blank">#episode8</a> <a class="hashtag" href="https://detroitriotcity.com/tag/episode5" rel="nofollow noopener" target="_blank">#episode5</a> <a class="hashtag" href="https://detroitriotcity.com/tag/kor" rel="nofollow noopener" target="_blank">#kor</a> <a class="hashtag" href="https://detroitriotcity.com/tag/episode2" rel="nofollow noopener" target="_blank">#Episode2</a> <a class="hashtag" href="https://detroitriotcity.com/tag/episode6" rel="nofollow noopener" target="_blank">#episode6</a> <a class="hashtag" href="https://detroitriotcity.com/tag/登山" rel="nofollow noopener" target="_blank">#登山</a> <a class="hashtag" href="https://detroitriotcity.com/tag/nzl" rel="nofollow noopener" target="_blank">#nzl</a> <a class="hashtag" href="https://detroitriotcity.com/tag/fediforum" rel="nofollow noopener" target="_blank">#fediforum</a><span class="quote-inline"><br><br>RE: <a href="https://gameliberty.club/users/xianc78/statuses/110777880217895637" rel="nofollow noopener" target="_blank">https://gameliberty.club/users/xianc78/statuses/110777880217895637</a></span>
Harry Sintonen<p>There will be new <a href="https://infosec.exchange/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://infosec.exchange/tags/kernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kernel</span></a> that enables the chicken bit if the corrective microcode has not been applied. This mitigation will take care of the <a href="https://infosec.exchange/tags/zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zenbleed</span></a> (CVE-2023-20593) <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> until the <a href="https://infosec.exchange/tags/microcode" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>microcode</span></a> updates are eventually released by <a href="https://infosec.exchange/tags/AMD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AMD</span></a>. Distros will likely be releasing new kernel images shortly.</p><p><a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=522b1d69219d8f083173819fde04f994aa051a98" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">git.kernel.org/pub/scm/linux/k</span><span class="invisible">ernel/git/torvalds/linux.git/commit/?id=522b1d69219d8f083173819fde04f994aa051a98</span></a></p>
IT News<p>Encryption-breaking, password-leaking bug in many AMD CPUs could take months to fix - Enlarge (credit: AMD) </p><p>A recently disclosed bug in many of AMD'... - <a href="https://arstechnica.com/?p=1956383" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1956383</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/ryzen53600" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ryzen53600</span></a> <a href="https://schleuss.online/tags/ryzen3000" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ryzen3000</span></a> <a href="https://schleuss.online/tags/ryzen4000" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ryzen4000</span></a> <a href="https://schleuss.online/tags/ryzen5000" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ryzen5000</span></a> <a href="https://schleuss.online/tags/ryzen7000" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ryzen7000</span></a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://schleuss.online/tags/amdryzen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>amdryzen</span></a> <a href="https://schleuss.online/tags/meltdown" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>meltdown</span></a> <a href="https://schleuss.online/tags/zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zenbleed</span></a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>biz</span></a> <a href="https://schleuss.online/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> <a href="https://schleuss.online/tags/zen2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zen2</span></a></p>
Alpine Linux :alpine:<p>The <a href="https://fosstodon.org/tags/zenbleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zenbleed</span></a> vulnerability (CVE-2023-20593) has been patched in edge and stable versions v3.15-v3.18 in <a href="https://fosstodon.org/tags/AlpineLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AlpineLinux</span></a>. Make sure that the amd-ucode package is installed so that you get ucode updates. For consumer CPUs, AMD will only provide updates later this year. The latest kernel version will automatically toggle the chicken bit if the relevant ucode upgrades have not been applied.</p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload