{"id":8484,"date":"2019-02-02T23:28:33","date_gmt":"2019-02-02T22:28:33","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=8484"},"modified":"2019-02-02T23:28:33","modified_gmt":"2019-02-02T22:28:33","slug":"aktualisierter-nsa-leitlinien-zu-side-channel-schwachstellen","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/02\/02\/aktualisierter-nsa-leitlinien-zu-side-channel-schwachstellen\/","title":{"rendered":"Updated NSA Guidance on Side-Channel Vulnerabilities"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">Short information for the weekend. On February 1, 2019, the U.S. National Security Agency (NSA) published updated guidelines on side-channel vulnerabilities. <\/p>\n<p><!--more--><\/p>\n<p>First details about side-channel vulnerabilities in CPUs became known a year ago under the terms Meltdown and Spectre. In 2018, more variants of side-channel attacks were released. I became aware of <a href=\"https:\/\/twitter.com\/tweet_alqamar\/status\/1091757026882080768\" target=\"_blank\">this discussion<\/a> via my Twitter channels.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"de\">\n<p lang=\"en\" dir=\"ltr\">WHAT BEGAN 2018? M&amp;S FROM NSA, SPEED UP: SECURITY <a href=\"https:\/\/twitter.com\/hashtag\/1February?src=hash&amp;ref_src=twsrc%5Etfw\">#1February<\/a><\/p>\n<p>Thank You: <a href=\"https:\/\/twitter.com\/SBSDiva?ref_src=twsrc%5Etfw\">@SBSDiva<\/a><\/p>\n<p>ICYMI: <a href=\"https:\/\/twitter.com\/AskWoody?ref_src=twsrc%5Etfw\">@AskWoody<\/a> <a href=\"https:\/\/twitter.com\/AdminKirsty?ref_src=twsrc%5Etfw\">@AdminKirsty<\/a> <a href=\"https:\/\/twitter.com\/thurrott?ref_src=twsrc%5Etfw\">@thurrott<\/a> <a href=\"https:\/\/twitter.com\/maryjofoley?ref_src=twsrc%5Etfw\">@maryjofoley<\/a> <a href=\"https:\/\/twitter.com\/bdsams?ref_src=twsrc%5Etfw\">@bdsams<\/a> <a href=\"https:\/\/twitter.com\/mehedih_?ref_src=twsrc%5Etfw\">@mehedih_<\/a> <a href=\"https:\/\/twitter.com\/ruthm?ref_src=twsrc%5Etfw\">@ruthm<\/a> <a href=\"https:\/\/twitter.com\/SwiftOnSecurity?ref_src=twsrc%5Etfw\">@SwiftOnSecurity<\/a> <a href=\"https:\/\/twitter.com\/pcper?ref_src=twsrc%5Etfw\">@pcper<\/a> <a href=\"https:\/\/twitter.com\/MalwareJake?ref_src=twsrc%5Etfw\">@MalwareJake<\/a> @GossiTheDog <a href=\"https:\/\/twitter.com\/tweet_alqamar?ref_src=twsrc%5Etfw\">@tweet_alqamar<\/a> <a href=\"https:\/\/twitter.com\/JobCacka?ref_src=twsrc%5Etfw\">@JobCacka<\/a> <a href=\"https:\/\/twitter.com\/etguenni?ref_src=twsrc%5Etfw\">@etguenni<\/a><a href=\"https:\/\/t.co\/rrYnRuVwkJ\">https:\/\/t.co\/rrYnRuVwkJ<\/a><\/p>\n<p>1\/4<\/p>\n<p>\u2014 Crysta T. Lacey (@PhantomofMobile) <a href=\"https:\/\/twitter.com\/PhantomofMobile\/status\/1091485559619411968?ref_src=twsrc%5Etfw\">1. Februar 2019<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script> <\/p>\n<p>On 1 February 2019, the US CERT has pointed out the following: The National Cybersecurity and Communications Integration Center (NCCIC), which is part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the NSA Cybersecurity Advisory. The National Security Agency (NSA) has published two documents on the subject:<\/p>\n<p><a href=\"https:\/\/www.nsa.gov\/Portals\/70\/documents\/what-we-do\/cybersecurity\/professional-resources\/CSA_Updated_Guidance_For_Vulnerabilities_Affecting_Modern_Processors_20190130.pdf?ver=2019-01-30-142631-553\" target=\"_blank\">Updated Guidance for Vulnerabilities Affecting Modern Processors<\/a> <br \/><a href=\"https:\/\/github.com\/nsacyber\/Hardware-and-Firmware-Security-Guidance\" target=\"_blank\">Hardware and Firmware Security Guidance GitHub website<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Short information for the weekend. On February 1, 2019, the U.S. National Security Agency (NSA) published updated guidelines on side-channel vulnerabilities.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580],"tags":[1079],"class_list":["post-8484","post","type-post","status-publish","format-standard","hentry","category-security","tag-sicherheit"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8484","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=8484"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8484\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=8484"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=8484"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=8484"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}