Uncategorized

ME Analyzer 1.48.0 released

https://github.com/platomav/MEAnalyzer

Standard
Uncategorized

PTSecurity: how to run code in Intel ME

Thursday, January 18, 2018
How to hack a disabled computer or run code in Intel ME
At the recent Black Hat Europe conference, Positive Technologies researchers Mark Ermolov and Maxim Goryachy spoke about the vulnerability in Intel Management Engine 11 , which opens up access to most of the data and processes on the device. This level of access also means that any attacker exploiting this vulnerability, bypassing traditional software-based protection, will be able to conduct attacks even when the computer is turned off. Today we publish in our blog the details of the study.[…]

http://blog.ptsecurity.ru/2018/01/intel-me.html

https://translate.google.com/translate?hl=en&sl=ru&u=http://blog.ptsecurity.ru/2018/01/intel-me.html

 

Standard
Uncategorized

ME Analyzer 1.42.0 released

https://github.com/platomav/MEAnalyzer

Standard
Uncategorized

F-Secure: new Intel AMT security issue

Intel AMT Security Issue Lets Attackers Bypass Login Credentials in Corporate Laptops

Intel AMT Security Issue Lets Attackers Bypass Login Credentials in Corporate Laptops
Insecure defaults in Intel AMT allow an intruder to completely bypass user and BIOS passwords and TPM and Bitlocker PINs to backdoor almost any corporate laptop in a matter of seconds.

Helsinki, Finland – January 12, 2018: F-Secure reports a security issue affecting most corporate laptops that allows an attacker with physical access to backdoor a device in less than 30 seconds. The issue allows the attacker to bypass the need to enter credentials, including BIOS and Bitlocker passwords and TPM pins, and to gain remote access for later exploitation. It exists within Intel’s Active Management Technology (AMT) and potentially affects millions of laptops globally. The security issue “is almost deceptively simple to exploit, but it has incredible destructive potential,” said Harry Sintonen, who investigated the issue in his role as Senior Security Consultant at F-Secure. “In practice, it can give an attacker complete control over an individual’s work laptop, despite even the most extensive security measures.”[…]

 

Standard
Uncategorized

Intel ME at CCC

It appears PTSecurity may have a GUI Debugger for Intel ME??

The “Minix Inside” stickers look great, click on the tweet from frdnd.

Hoping CCC staff does the great job they do ever year and get the videos for these events online quickly! 😉

https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8762.html

https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8782.html

PS: Of course, this isn’t all that is happening at CCC. There are multiple other interesting talks, eg:

 

https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9111.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9056.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9205.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8725.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9207.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8920.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8950.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9237.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9202.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9195.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8784.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8831.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9159.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9058.html
https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8956.html

 

Standard