All news with #amd tag

Google Cloud N4D VMs with AMD EPYC Turin Generally Available

🚀 Google Cloud announces general availability of the N4D machine series built on 5th Gen AMD EPYC 'Turin' processors and Google's Titanium infrastructure. N4D targets cost-optimized, general-purpose workloads — web and app servers, data analytics, and containerized microservices — with up to 96 vCPUs, 768 GB DDR5, 50 Gbps networking, and Hyperdisk storage. Google cites up to 3.5x web-serving throughput versus N2D and material price-performance gains for general compute and Java workloads.

Layered Security for SMBs During the Holiday Season

🔒 Small and medium-size businesses face rising, measurable cyber risk as ransomware incidents increase and attacks spike during the holiday season. Resource constraints and end-of-life Windows 10 devices magnify exposure, while firmware-level and endpoint gaps can defeat traditional defenses. A layered, defense-in-depth approach across silicon, the operating system, and endpoints reduces attack surfaces. Business-grade devices such as the ASUS Expert Series integrate these protections to turn necessary upgrades into strategic security investments.

New hardware attack (TEE.fail) breaks modern secure enclaves

🔒 A new low-cost hardware-assisted attack called TEE.fail undermines current trusted execution environments from major chipmakers. The method inserts a tiny device between a memory module and the motherboard and requires a compromised OS kernel to extract secrets, defeating protections in Confidential Compute, SEV-SNP, and TDX/SDX. The attack completes in roughly three minutes and works against DDR5 memory, meaning the physical-access threats TEEs are designed to defend against are no longer reliably mitigated.

AWS Launches Memory-Optimized EC2 R8a Instances, GA

🧠 AWS has announced general availability of new Amazon EC2 R8a memory-optimized instances powered by 5th Gen AMD EPYC processors (Turin) with up to 4.5 GHz. R8a delivers up to 30% higher performance, up to 19% better price-performance and 45% more memory bandwidth versus R7a. Available in 12 sizes (including 2 bare metal) and SAP-certified, R8a targets latency-sensitive, memory-intensive workloads and supports Savings Plans, On-Demand and Spot purchasing.

Weekly Recap: Lazarus Web3 Attacks and TEE.Fail Risks

🔐 This week's recap highlights a broad set of high‑impact threats, from a suspected China‑linked intrusion exploiting a critical Motex Lanscope flaw to deploy Gokcpdoor, to North Korean BlueNoroff campaigns targeting Web3 executives. Researchers disclosed TEE.fail, a low‑cost DDR5 side‑channel that can extract secrets from Intel and AMD TEEs. Also noted: human‑mimicking Android banking malware, WSL‑based ransomware tactics, and multiple high‑priority CVEs.

TEE.Fail: DDR5 physical interposition exposes CPU TEE keys

🔓 A team of researchers from Georgia Tech, Purdue University and security firm Synkhronix disclosed TEE.Fail, a side‑channel that inspects DDR5 memory traffic to extract secrets from processor TEEs. Using an inexpensive interposition device built from off‑the‑shelf parts for under $1,000, the technique can recover attestation and signing keys from Intel SGX/TDX and AMD SEV‑SNP with Ciphertext Hiding, and can be used to undermine GPU confidential computing. Vendors assert that physical bus attacks remain out of scope.

TEE.Fail breaks confidential computing on DDR5 CPUs

🔓 Academic researchers disclosed TEE.Fail, a DDR5 memory-bus interposition side-channel that can extract secrets from Trusted Execution Environments such as Intel SGX, Intel TDX, and AMD SEV-SNP. By inserting an inexpensive interposer between a DDR5 DIMM and the motherboard and recording command/address and data bursts, attackers can map deterministic AES-XTS ciphertexts to plaintext values and recover signing and cryptographic keys. The method requires physical access and kernel privileges but can be implemented for under $1,000; Intel, AMD and NVIDIA were notified and are developing mitigations.

Google Cloud H4D VMs Boost Finance Workload Performance

⚡ Google Cloud announced the H4D VM family (Preview), powered by 5th Gen AMD EPYC processors (Turin), aimed at delivering extreme performance for financial services workloads. The H4D series targets latency-sensitive use cases such as high-frequency trading, Monte Carlo risk simulations, backtesting, and derivatives pricing by offering faster core-to-core communication, larger memory capacity, and improved network throughput. AMD benchmarking with the open-source KX Nano test reported an average ~34% out-of-the-box performance gain over prior C3D VMs, with per-core and multi-threaded uplifts around 1.33–1.36x. Google Cloud will demonstrate H4D and complementary HPC solutions at STAC Summit NYC on October 28th and will have experts available to discuss performance, security, and compliance.

DDR4 WireTap and Battering RAM: Server TEE Attacks Explained

🔒 Two independent research teams demonstrated practical physical attacks that extract encrypted data from server trusted execution environments by intercepting DDR4 memory traffic. The U.S. WireTap proof-of-concept slowed memory clocks and used an inexpensive legacy logic analyzer to recover keys from Intel SGX. The Battering RAM team employed a tiny interposer and a Raspberry Pi Pico to mirror writes and target both Intel SGX and AMD SEV-SNP covertly. Both efforts drastically lower cost and complexity compared with prior work, though vendors note that physical attacks sit outside their threat model.

Microsoft October Patch Tuesday addresses 172 bugs

🔒 Microsoft’s October Patch Tuesday delivers updates for 172 vulnerabilities, including six classed as zero-days. Three of those zero-days are being actively exploited, affecting the Windows Remote Access Connection Manager (CVE-2025-59230), an Agere modem kernel driver, and a secure-boot bypass in IGEL OS (CVE-2025-47827). Microsoft has removed the legacy Agere driver rather than patch it, citing risks in modifying unsupported code. This release also marks the final free Patch Tuesday for Windows 10; continued updates will require the Extended Security Updates (ESU) program.

October 2025 Patch Tuesday: Critical WSUS and Modem Fixes

🔒 Microsoft’s October Patch Tuesday addresses 167 vulnerabilities, including seven rated critical that require immediate CISO attention. Notable fixes include a 9.8 RCE in Windows Server Update Service (WSUS) (CVE-2025-59287) and two Office RCEs exploitable via the Preview Pane. Two legacy Agere modem driver flaws include an in-the-wild zero day and a prior public disclosure, prompting Microsoft to remove ltmdm64.sys from Windows. Administrators should prioritize internet-facing services, kernel-mode drivers, and review WSUS exposure and patch management architecture.

AMD issues patches for RMPocalypse flaw in SEV-SNP

⚠️ AMD released mitigations and firmware/BIOS updates to address a vulnerability dubbed RMPocalypse, which ETH Zürich researchers Benedict Schlüter and Shweta Shinde say can be triggered by a single 8-byte overwrite of the Reverse Map Paging (RMP) table during SEV‑SNP initialization. The flaw, assigned CVE-2025-0033, stems from a race condition in the AMD Secure Processor/Platform Security Processor (PSP/ASP) that could allow an admin-privileged or malicious hypervisor to modify initial RMP content and void SEV‑SNP integrity guarantees. AMD listed impacted EPYC families and provided vendor guidance; Microsoft and Supermicro have acknowledged the issue and are working on remediations.

AWS launches general-purpose Amazon EC2 M8a instances

🚀 AWS announced general availability of the new Amazon EC2 M8a general-purpose instances powered by 5th Gen AMD EPYC processors (Turin), with a maximum frequency of 4.5 GHz and up to 30% higher performance over M7a. M8a instances deliver 45% more memory bandwidth and notable benchmark improvements—60% faster on GroovyJVM and up to 39% faster on Cassandra. They are SAP-certified, come in 12 sizes including two bare-metal options, and are available in US East (Ohio), US West (Oregon), and Europe (Spain). Customers can purchase M8a via On-Demand, Spot, and Savings Plans.

Researchers Find Physical Interposer Attacks on Intel, AMD

🔓 Researchers disclosed two physical interposer attacks—Battering RAM and Wiretrap—that bypass Trusted Execution Enclaves on Intel (SGX) and AMD (SEV‑SNP) platforms. Both attacks exploit deterministic memory encryption by inserting an interposer between CPU and DRAM to capture ciphertext in transit. Battering RAM can replay ciphertext and create memory aliases to expose plaintext and implant backdoors, while Wiretrap enables ciphertext-based key recovery. Practical mitigation today is limited to preventing physical access and strengthening supply‑chain and data‑center controls such as those in ISO/IEC 27001.

Battering RAM: DDR4 Interposer Breaks Cloud Memory

🔒 Researchers at KU Leuven and the University of Birmingham disclosed Battering RAM, a low-cost DDR4 interposer attack that can undermine hardware memory encryption used in cloud environments. The $50 interposer sits transparently in the memory path, passes boot-time trust checks, and can be toggled to redirect physical addresses to attacker-controlled locations to corrupt or replay encrypted memory. The team says the technique can bypass protections such as SGX and SEV-SNP, and that meaningful mitigation would require architectural redesign of memory encryption.

VMScape: Practical Spectre v2 Sandbox Escape in VMs

⚠️ Researchers at ETH Zurich published a paper demonstrating VMScape, a practical Spectre v2 (branch target injection) attack that escapes a guest VM to read host memory in virtualized environments. The team showed AMD Zen1–Zen5 CPUs and older Intel Coffee Lake servers can be abused to exfiltrate secrets from a default-configured VM. The issue was assigned CVE-2025-40300 and a Linux kernel patch is available; hardware protections such as SEV/SEV-SNP and TDX are recommended mitigations.

New Phoenix Rowhammer Bypass Elevates DDR5 Privilege Risk

⚠ The new Phoenix Rowhammer technique reverse-engineers TRR in SK Hynix DDR5 DIMMs to induce controlled bit flips previously believed mitigated. Researchers from ETH Zurich and Google report Phoenix reliably triggers flips across all 15 tested modules, enabling practical exploits such as forged Page Table Entries, RSA-2048 key leakage from co-located VMs, and a sudo-based root escalation. The issue is tracked as CVE-2025-6202.

VMScape: Spectre-BTI Variant Breaks VM Isolation in VMs

🔒 Researchers have demonstrated VMScape, a Spectre-like branch target injection attack that breaks guest-to-host isolation on AMD and Intel CPUs in virtualized environments. The proof-of-concept targeted KVM/QEMU in its default configuration and extracted host disk encryption keys from an AMD Zen 4 system. Tracked as CVE-2025-40300, mitigations include inserting an Indirect Branch Prediction Barrier (IBPB) on VMEXIT, which maintainers report causes only marginal performance impact. The vulnerability highlights that existing Spectre-BTI defenses and microcode updates are insufficient in some virtualized deployments, particularly on AMD Zen microarchitectures.

VMScape: Spectre-like VM-to-host data leak on CPUs

🔓 Researchers at ETH Zurich disclosed VMScape, a Spectre-like speculative-execution attack that lets a malicious VM extract secrets from an unmodified QEMU hypervisor running on many modern AMD and some Intel CPUs. The exploit abuses shared branch-prediction structures and a FLUSH+RELOAD side channel to induce speculative disclosure. It works without host compromise and bypasses default mitigations; vendors and Linux developers released advisories and kernel patches to mitigate the issue.

AWS Split Cost Allocation Adds GPU and Accelerator Cost Tracking

🔍 Split Cost Allocation Data now supports accelerator-based workloads running in Amazon Elastic Kubernetes Service (EKS), allowing customers to track costs for Trainium, Inferentia, NVIDIA and AMD GPUs alongside CPU and memory. Cost details are included in the AWS Cost and Usage Report (including CUR 2.0) and can be visualized using the Containers Cost Allocation dashboard in Amazon QuickSight or queried with Amazon Athena. New customers can enable the feature in the Billing and Cost Management console; it is automatically enabled for existing Split Cost Allocation Data customers.