HomeSecurity OperationsApple-designed chips: A hacker's delight

Apple-designed chips: A hacker’s delight

Published on

spot_img

Apple’s Homemade Chips Vulnerable to FLOP and SLAP Attacks

Recent discoveries have brought to light vulnerabilities within Apple’s A and M-series chip sets, putting users at risk of having their credit card information, locations, and other sensitive data compromised while using Safari and Chrome browsers to access sites like iCloud Calendar, Google Maps, and Proton Mail. The vulnerabilities, known as FLOP and SLAP attacks, are the result of the chips’ speculative execution feature, which helps improve performance by predicting the control flow the CPUs should take.

Researchers from the University of Georgia have conducted a thorough analysis of these vulnerabilities and have outlined potential mitigations to address them. FLOP, or Faulty Load Operation Predictor, targets the Load Value Predictor (LVP) in Apple’s chipsets, tricking it into predicting incorrect memory values during speculative execution. This allows attackers to access a wide range of sensitive information, including location history, email content, calendar events, and credit card details. FLOP works on various Apple devices released from 2021 onwards and requires the victim to interact with a malicious page while logged into sensitive websites.

On the other hand, SLAP, or Speculative Load Address Predictor, exploits the Load Address Predictor (LAP) in Apple silicon to predict memory locations and access data from other browser tabs like Gmail, Amazon, and Reddit. While SLAP is limited to Safari and has a narrower scope compared to FLOP, it still poses a threat to user privacy and highlights the risks associated with speculative execution and browser process isolation.

Apple has been made aware of these vulnerabilities, and while reports suggest that they plan to release patches to address the issue, the company has denied any immediate risk to its users. It is essential for Apple users to stay vigilant and take necessary precautions to protect their sensitive data while browsing online.

In conclusion, the discovery of FLOP and SLAP attacks on Apple’s homemade chips serves as a reminder of the constant threats posed by cyber attackers and the importance of implementing robust security measures to safeguard user information. As technology continues to evolve, it is crucial for companies like Apple to prioritize user privacy and security to maintain trust and confidence among their customers.

Source link

Latest articles

Canadian Man Faces Charges in $65 Million Cryptocurrency Hacking Scams

A Canadian man, Andean Medjedovic, found himself at the center of a criminal indictment...

Ransomware payment value decreased by over 30% in 2024

After a year of record payments to cyber criminals, the tide seems to be...

Data breach at Vorwerk: Hackers steal Thermomix user data

In a recent cybersecurity breach, hackers have managed to gain access to user data...

Behavioral Analytics in Cybersecurity: Identifying the Primary Beneficiaries

In the realm of cybersecurity, the cost of a data breach hit a new...

More like this

Canadian Man Faces Charges in $65 Million Cryptocurrency Hacking Scams

A Canadian man, Andean Medjedovic, found himself at the center of a criminal indictment...

Ransomware payment value decreased by over 30% in 2024

After a year of record payments to cyber criminals, the tide seems to be...

Data breach at Vorwerk: Hackers steal Thermomix user data

In a recent cybersecurity breach, hackers have managed to gain access to user data...