Ransomware can now run directly on the CPU, researcher warns

The ghost in the machine is reaching the deepest foundations of the computing infrastructure

Chipmakers typically use microcode updates to fix bugs and improve CPU reliability. However, this low-level layer between hardware and machine code can also serve as a stealthy attack vector – capable of hiding malicious payloads from all software-based defenses. As threats evolve, even the deepest layers of a system can no longer be assumed safe.

A security researcher designed a way to "weaponize" microcode updates to install ransomware directly onto the CPU. Rapid7 analyst Christiaan Beek drew inspiration from a critical flaw in AMD's Zen processors, discovered by Google researchers earlier this year. The flaw could allow attackers to modify the RDRAND instruction and inject custom microcode that always selects "4" when generating a random number.

Microcode updates should theoretically be exclusive to CPU manufacturers, ensuring the correct update installs only on compatible processors. While injecting a custom microcode is difficult, it is not impossible, as the RDRAND flaw demonstrates. Using his knowledge of firmware security, Beek set out to write a CPU-level ransomware.
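For defenders, a starting point is knowing which microcode revision every core reports. The following is an added example, not code from the article or from Beek's research: it parses text in the layout of x86 Linux `/proc/cpuinfo`, then flags cores with no reported revision, mixed revisions within one CPU model, and revisions outside an approved baseline. The sample text, the revision values and the baseline are constructed.

```python
from collections import defaultdict

# Constructed sample in the /proc/cpuinfo layout; all values are made up.
_CPU = ("processor : {n}\nvendor_id : AuthenticAMD\ncpu family : 25\n"
        "model : 1\nstepping : 1\nmicrocode : {rev}\n")
SAMPLE = "\n".join(_CPU.format(n=n, rev=rev)
                   for n, rev in [(0, "0x1000"), (1, "0x1000"), (2, "0x1001")])

def parse_cpuinfo(text):
    """Split cpuinfo text into one dict per logical CPU (blank-line separated)."""
    cpus, cur = [], {}
    for line in text.splitlines() + [""]:
        if not line.strip():
            if cur:
                cpus.append(cur)
                cur = {}
            continue
        key, _, value = line.partition(":")
        cur[key.strip()] = value.strip()
    return cpus

def audit_microcode(text, baseline):
    """baseline: {(vendor, family, model, stepping): {approved revisions as ints}}."""
    seen = defaultdict(lambda: defaultdict(list))
    findings = []
    for cpu in parse_cpuinfo(text):
        if "microcode" not in cpu:
            # A core that reports no revision cannot be checked at all.
            findings.append(("no-revision", cpu.get("processor"), None))
            continue
        sig = (cpu.get("vendor_id"), cpu.get("cpu family"),
               cpu.get("model"), cpu.get("stepping"))
        seen[sig][int(cpu["microcode"], 16)].append(cpu.get("processor"))
    for sig, revs in seen.items():
        if len(revs) > 1:
            # Cores of one CPU model should all run the same revision.
            findings.append(("mixed", sig, sorted(revs)))
        for rev in sorted(revs):
            if rev not in baseline.get(sig, set()):
                findings.append(("unapproved", sig, rev))
    return findings

if __name__ == "__main__":
    approved = {("AuthenticAMD", "25", "1", "1"): {0x1000}}  # constructed baseline
    for finding in audit_microcode(SAMPLE, approved):
        print(finding)
```

This catches drift and unexpected revisions across a fleet; it cannot by itself prove that the loaded microcode is genuine.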

The Register notes that the security expert developed a proof-of-concept (PoC) that hides a ransomware payload inside the processor. He described the breakthrough as "fascinating," though he has no plans to release any documentation or code from the PoC. Cybercriminals could bypass all traditional security technologies after compromising the CPU or motherboard firmware using Beek's method.

Beek emphasized that extremely low-level ransomware threats aren't just theoretical. The infamous BlackLotus bootkit, for example, can compromise UEFI firmware and infect systems protected by Secure Boot. He also quoted snippets from the Conti ransomware group's chat logs, exposed in the 2022 breach. Conti developers were reportedly working on a PoC to install ransomware directly into UEFI firmware.

"If we modify the UEFI firmware, we can trigger encryption before the OS loads. No AV can detect this," the cybercriminals stated.

With the right exploit, they could abuse vulnerable UEFI releases that allowed unsigned updates to carry out the covert ransomware installation.

If a few capable black hat hackers had been exploring this kind of threat years ago, Beek said, the most skilled among them would have eventually succeeded. He criticized the IT industry for chasing trends instead of fixing core problems. While corporations focus on agentic AI, machine learning, and chatbots, fundamental security remains neglected. Ransomware gangs rake in billions annually through weak passwords, high-risk vulnerabilities, and poor multi-factor authentication.
