Thursday, September 13, 2018

New Cold Boot Attack Unlocks Disk Encryption on Nearly All Modern PCs

Image result for New Cold Boot Attack Unlocks Disk Encryption on Nearly All Modern PCs




Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption.

The attack is a new variation of a traditional Cold Boot Attack, which is around since 2008 and lets attackers steal information that briefly remains in the memory (RAM) after the computer is shut down.

However, to make the cold boot attacks less effective, most modern computers come bundled with a safeguard, created by the Trusted Computing Group (TCG) that overwrites the contents of the RAM when the power on the device is restored, preventing the data from being read.

Now, researchers from Finnish cyber-security firm F-Secure figured out a new way to disable this overwrite security measure by physically manipulating the computer's firmware, potentially allowing attackers to recover sensitive data stored on the computer after a cold reboot in a matter of few minutes.


"Cold boot attacks are a known method of obtaining encryption keys from devices. But the reality is that attackers can get their hands on all kinds of information using these attacks. Passwords, credentials to corporate networks, and any data stored on the machine are at risk," the security firm warns in a blog post published today.



How Microsoft Windows and Apple Users Can Prevent Cold Boot Attacks

cold boot attack on full disk encryption

No comments:

Post a Comment

Which Python course is best for beginners?

Level Up Your Python Prowess: Newbie Ninjas: Don't fret, little grasshoppers! Courses like "Learn Python 3" on Codecade...