ProHoster > Blog > internet nhau > 20GB yeIntel Yemukati Tekinoroji Documentation uye Source Code Yakaburitswa

20GB yeIntel Yemukati Tekinoroji Documentation uye Source Code Yakaburitswa

Tilly Kothmann (Tillie Kottman), mugadziri wepuratifomu Android kubva kuSwitzerland, chiteshi chikuru cheTelegram pamusoro pekuburitswa kwedata, rakabudiswa 20 GB yemagwaro ehunyanzvi emukati uye kodhi yekodhi, yakawanikwa nekuda kwekubuda kwe data kubva kuIntel, yave kuwanikwa pachena. Izvi zvinonzi ndiyo seti yekutanga yemagwaro kubva muunganidzwa wakapihwa nemunhu asingazivikanwe. Mazhinji emagwaro aya akanyorwa seakavanzika, zvakavanzika zvemakambani, kana kuti anowanikwa chete nechibvumirano chekusaburitsa pachena.

Magwaro matsva ane musi wekutanga kwaChivabvu uye anosanganisira ruzivo nezvepuratifomu itsva yeCedar Island (Whitley) server. Kunewo magwaro egore ra2019, akadai seaya anotsanangura puratifomu yeTiger Lake, asi ruzivo rwakawanda runotangira mugore ra2014. Kuwedzera kune magwaro, seti iyi inosanganisirawo kodhi, maturusi ekugadzirisa matambudziko, maschematics, madhiraivha, uye mavhidhiyo ekudzidzisa.

Vamwe mashoko kubva paseti:

  • Mabhuku eIntel ME (Management Engine), zvishandiso zve flash, uye mienzaniso yemapuratifomu akasiyana-siyana.
  • Kushandiswa kweBIOS papuratifomu yeKabylake (Purley), mienzaniso uye kodhi yekutanga (ine changelog kubva kugit).
  • Kodhi yeIntel CEFDK (Consumer Electronics Firmware Development Kit).
  • Mapakeji eCode of FSP (Firmware Support Package) uye zvirongwa zvekugadzira mapuratifomu akasiyana-siyana.
  • Zvishandiso zvakasiyana-siyana zvekugadzirisa matambudziko nekugadzira.
  • Simics-Rocket Lake S platform simulator.
  • Mapurani akasiyana-siyana nemagwaro.
  • Madhiraivha ebhinari ekamera yeIntel akagadzirirwa SpaceX.
  • Magadzirirwo, magwaro, firmware, uye maturusi epuratifomu yeTiger Lake isati yaburitswa.
  • Mavhidhiyo ekudzidzisa eKabylake FDK.
  • Mafaira eIntel Trace Hub uye edecoder emhando dzakasiyana dzeIntel ME.
  • Kushandiswa kwezviyeuchidzo zvepuratifomu yeElkhart Lake uye mienzaniso yekodhi yekutsigira puratifomu.
  • Tsananguro dzeVerilog hardware block dzemapuratifomu akasiyana-siyana eXeon.
  • Kugadzirisa BIOS/TXE kuvaka pamapuratifomu akasiyana.
  • Bootguard SDK.
  • Simulator yeprocess yeIntel Snowridge neSnowfish.
  • Zvirongwa zvakasiyana-siyana.
  • Matemplate ezvekushandisa pakushambadzira.

Intel yakazivisa kuti yakatanga kuferefeta nezvechiitiko ichi. Sekureva kweruzivo rwekutanga, data iri rakawanikwa kuburikidza nehurongwa hweruzivo "Nzvimbo yeIntel Resource uye Dhizaini", ine ruzivo rwakaganhurirwa kune vatengi, vadyidzani, uye mamwe makambani ayo Intel inoshanda nawo. Zvingangodaro kuti ruzivo urwu rwakatorwa uye rwakaburitswa nemumwe munhu ane mukana wekuwana iyi sisitimu yeruzivo. Mumwe aimbove mushandi weIntel akaratidza Paaitaura nezveshanduro yake paReddit, akataura kuti kubuda kwedata iri kunogona kunge kuri nekuda kwekurwiswa kwevashandi kana kubiwa kwedata neimwe yemamotherboard OEMs.

Munhu asingazivikanwe akaendesa magwaro kuti abudiswe akanongedzaZvakazoonekwa kuti data iri rakatorwa kubva kuseva isina kuchengetedzwa yakachengetedzwa paAkamai CDN, kwete kubva kuIntel Resource and Design Center. Sevha iyi yakawanikwa netsaona panguva yekuskena mass hosts ichishandisa nmap uye yakabiwa kuburikidza nesevhisi isina kuchengetedzwa.

Mamwe mabhuku akataura nezvekuwanikwa kwe backdoors muIntel code, asi zvirevo izvi hazvina hwaro uye zvinongobva pane
kuvapo Mutsara unoti "Save the RAS backdoor request pointer to IOH SR 17" mu comment mune imwe yema code files. Muchirevo che ACPI RAS zvinoreva "Kuvimbika, Kuwanikwa, Kugona Kushanda." Kodhi pachayo inobata kuona nekugadzirisa zvikanganiso zvekurangarira, ichichengeta mhedzisiro muI/O hub register 17, uye haina "backdoor" mupfungwa yekuchengetedzwa kwemashoko.

Seti iyi yakatogoverwa kune mamwe maBitTorrent network uye inowanikwa kuburikidza ne chinongedzo chemaginetiSaizi ye zip archive inosvika 17 GB (mapassword ekuvhura ndeaya "Intel123" uye "intel123").

Zvakakoshawo kuziva kuti pakupera kwaChikunguru Tilly Kottmann rakabudiswa munharaunda yeruzhinji zvemukati matura akawanikwa nekuda kwekubuda kwedata kubva kumakambani angangoita makumi mashanu. Rondedzero yacho inosanganisira makambani akadai se
Microsoft, Adobe, Johnson Controls, GE, AMD, Lenovo, Motorola, Qualcomm, Mediatek, Disney, Daimler, Roblox neNintendo, pamwe chete nemabhangi akasiyana-siyana, makambani emari, emotokari nemakambani ekufambisa.
Chinhu chikuru chakaita kuti nyaya iyi ibude pachena kwaive kusarongeka kweDevOps infrastructure uye kusiya makiyi ekupinda mumabhuku everuzhinji.
Mazhinji emarepository akakopwa kubva kumaDevOps systems emuno zvichibva pamapuratifomu eSonarQube, GitLab neJenkins, ayo anowanikwa akanga asiri yakaganhurirwa nemazvo (muzviitiko zveDevOps zvinowanikwa pawebhu munzvimbo dzayo zvakashandiswa marongero akajairika, zvinoreva mukana wekuti veruzhinji vawane mapurojekiti).

Pamusoro pezvo, kutanga kwaChikunguru, nekuda kwe compromise Sevhisi yeWaydev, yaishandiswa kugadzira mishumo yekuongorora nezvemabasa eGit repository, yakarasikirwa nedatabase, kusanganisira maOAuth token ekushandisa paGitHub neGitLab. Matoken aya angadai akashandiswa kutevedzera marepository ega ega evatengi veWaydev. Matoken akabiwa akazoshandiswa kukanganisa zvivakwa. dave.com и mafashamo.io.

Source: opennet.ru

Tenga inovimbika yekutambira kwemasaiti ane DDoS dziviriro, VPS VDS maseva 🔥 Tenga webhusaiti yakavimbika ine dziviriro yeDDoS, maseva eVPS VDS | ProHoster