Although there are hackers with bad intentions, there are also those who invest their time in discovering flaws in order to prevent massive attacks, which is fortunately what happened in the case described here. A group of F-Secure researchers discovered a way to steal encrypted data on Windows or macOS computers.

To achieve this, the researchers used the “cold start” method, a well-known technique common among hackers that targets a component of the computer while it is off, since its security is easier to circumvent in that state. The process consists of extracting the data that remains stored in memory when the machine is not in use. Of course, doing so requires having the machine in your hands.

If you are familiar with how hardware components work, you are probably thinking that this does not make sense, and you are right: memory overwrites its stored information when the computer is turned off, which prevents valuable information that was in memory while the computer was on from being stolen. However, the researchers have discovered how to prevent memory from overwriting that information when the computer is turned off, and have created a tool that performs this task. That is why they attack the machine when it is not turned on: the data is still present in memory and can be extracted with relative ease. The people at F-Secure were surprised that other hackers had not discovered this method before.

Encrypting data with tools such as BitLocker (Windows) and FileVault (macOS) has not been much use either, since the researchers also managed to break the encryption of the files and gain full access to the information in memory. In an interview with the TechCrunch portal, F-Secure said that this vulnerability allowed them to obtain data such as passwords and access credentials to corporate networks: very sensitive information that, in other hands, could cause a great deal of damage.

Of course, long before revealing their findings, the researchers reported the issue to Apple, Microsoft, and Intel, which took action to prevent this situation with their products. Microsoft, for its part, recently released an update for BitLocker that allows a security code (PIN) to be set to prevent access to the boot system. Unfortunately, people with Windows “Home” licenses are still not protected by this method.

Because the attack occurs directly on the computer hardware, F-Secure does not hold out much hope that Microsoft can solve this problem, since the responsibility falls entirely on companies such as Intel, which is responsible for designing the memory of a lot of computers. Unfortunately, Intel has not yet commented on this.

Apple, for its part, says that Macs with the T2 chip are out of danger, but encourages users to set strong login passwords or to enable Touch ID on computers that include this feature. What about computers that do not have that chip? Apple said that it is already working to offer a solution in the short term.

This negative picture was surely the main reason why F-Secure did not reveal in detail how its tool avoids the overwriting of data in memory, as doing so could encourage other hackers to use similar methods with bad intentions. The “positive” point of this story is that attackers must have the computer in their hands to be able to compromise it; otherwise, it is impossible to do so, at least not with the discovered method.
