Increasingly, people around the world depend on technology for their daily activities. Making this technology trustworthy involves a deep understanding of how attacks work. By researching security vulnerabilities, the Advanced Threat Research (ATR) team in Intel Security discovers opportunities to drive toward more secure technology.
Threat Landscape Dashboard | 2017-02-13
Administrators, who are responsible for safeguarding systems, networks, and digital systems, face the overwhelming task of keeping up with the most significant threats. To serve those admins, we designed a new dashboard to identify the most significant threats and illustrate the relationships between them. Christiaan Beek outlines the concept in a blog post announcing the launch of this Threat Landscape Dashboard.
ATR previously discovered and presented vulnerabilities in UEFI-based firmware. This research describes a new class of vulnerabilities affecting SMI handlers on systems with Coreboot and UEFI based firmware. These issues are caused by incorrect trust assumptions between the firmware and the underlying hardware, which makes this issue applicable to any type of system firmware. These slides describe the issue as well as various mitigation techniques.