Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

WireTap memory-bus interposer analysis breaks Intel SGX attestation on DDR4 systems

Technical Analysis
First reported
Last updated
Happening score
H score 16
1 unique sources, 1 articles

Summary

Hide ▲

Researchers demonstrated WireTap, a memory-bus interposer attack that can extract Intel SGX attestation keys on DDR4 systems, undermining enclave confidentiality and hardware trust. The technique matters because it can let an attacker masquerade as genuine SGX hardware while recovering secrets from supposedly trusted execution environments.

Related Happenings

Linux kernel security update for Copy Fail (CVE-2026-31431)

Security Patch Release
First: 30.04.2026 16:54 Last: 30.04.2026 16:54 Sources 1

About this happening: **Linux kernel** maintainers have fixed **CVE-2026-31431** and are rolling out updates to close a **local privilege escalation** flaw that lets an unprivileged attacker gain **roo...

Open Happening

IP KVM devices unauthenticated root access and command execution flaws (multiple vulnerabilities)

Vulnerability
First: 18.03.2026 13:42 Last: 18.03.2026 13:42 Sources 1

About this happening: Nine **IP KVM vulnerabilities** across **GL-iNet Comet RM-1**, **Angeet/Yeeso ES3 KVM**, **Sipeed NanoKVM**, and **JetKVM** can expose attached hosts to **root access** and **comm...

Open Happening

VoidLink AI-generated malware development analysis

Technical Analysis
First: 21.01.2026 14:51 Last: 21.01.2026 14:51 Sources 1

About this happening: **VoidLink** is a **Linux-based C2 framework** with **multi-cloud targeting** and **modular implants** built for **credential theft**, **data exfiltration** and **stealthy persist...

Open Happening

AMD StackWarp SEV-SNP bypass (CVE-2025-29943)

Vulnerability
First: 19.01.2026 13:31 Last: 19.01.2026 13:31 Sources 1

About this happening: **StackWarp** is a **CVE-2025-29943** hardware vulnerability in **AMD Zen 1 through Zen 5** CPUs that can bypass **SEV-SNP** protections and expose confidential VM workloads. The...

Open Happening

IGEL OS secure boot bypass, actively exploited (CVE-2025-47827)

Vulnerability
First: 15.10.2025 12:45 Last: 15.10.2025 12:45 Sources 1

About this happening: **CVE-2025-47827** is an **actively exploited** **secure boot bypass** in **IGEL OS** that can undermine the trust boundary on virtual desktop endpoints. The flaw matters because...

Open Happening

Timeline

  1. 01.10.2025 20:20 2 articles · 7mo ago

    WireTap memory-bus interposer research on Intel SGX

    Technical Analysis Update

    Researchers from Georgia Institute of Technology and Purdue University demonstrated WireTap, a physical memory-bus interposer attack on Intel Software Guard eXtensions (SGX) that works on DDR4 systems to passively decrypt sensitive data and extract an SGX secret attestation key from the Quoting Enclave (QE), enabling ECDSA signing key recovery and forged SGX enclave reports. Intel said the technique is outside its threat model because it assumes a physical adversary with direct access to the hardware and a memory bus interposer, and Intel does not plan to issue a CVE.

    Show sources
    Open in new tab