All news with #intel tag

AWS launches compute-optimized EC2 C8i and C8i-flex

🚀 AWS announced general availability of C8i and C8i-flex compute-optimized EC2 instances powered by custom Intel Xeon 6 processors exclusive to AWS. The new families deliver up to 15% better price-performance and 2.5x more memory bandwidth versus prior Intel-based instances, and up to 20% higher CPU performance compared with C7i. AWS cites up to 60% faster performance for NGINX, ~40% for deep-learning recommendation models, and ~35% for Memcached. C8i-flex covers common sizes (large–16xlarge) for cost-efficient use; C8i provides 13 sizes including two bare-metal options and a new 96xlarge. Instances are initially available in N. Virginia, Ohio, Oregon, and Spain and can be purchased via Savings Plans, On-Demand, or Spot.

Amazon EC2 C8i and C8i-flex Instances Generally Available

🚀 AWS has announced the general availability of new Amazon EC2 C8i and C8i-flex compute-optimized instances powered by custom Intel Xeon 6 processors available only on AWS. AWS cites up to 15% better price-performance and 2.5x more memory bandwidth versus prior Intel-based instances, and up to 20% higher performance compared with C7i families, with specific gains as high as 60% for NGINX, 40% for deep learning recommendation models, and 35% for Memcached. C8i-flex targets common sizes from large to 16xlarge for workloads that don’t fully use all vCPUs, while C8i offers 13 sizes including two bare-metal options and a new 96xlarge for the largest scale. These instances are available in US East (N. Virginia), US East (Ohio), US West (Oregon), and Europe (Spain) and can be purchased via Savings Plans, On-Demand, or Spot.

Researchers Find Physical Interposer Attacks on Intel, AMD

🔓 Researchers disclosed two physical interposer attacks—Battering RAM and Wiretrap—that bypass Trusted Execution Enclaves on Intel (SGX) and AMD (SEV‑SNP) platforms. Both attacks exploit deterministic memory encryption by inserting an interposer between CPU and DRAM to capture ciphertext in transit. Battering RAM can replay ciphertext and create memory aliases to expose plaintext and implant backdoors, while Wiretrap enables ciphertext-based key recovery. Practical mitigation today is limited to preventing physical access and strengthening supply‑chain and data‑center controls such as those in ISO/IEC 27001.

WireTap Attack Extracts Intel SGX ECDSA Key via DDR4

🔬 Researchers from Georgia Institute of Technology and Purdue University describe WireTap, a physical memory-bus interposer attack that passively inspects DDR4 traffic to recover secrets from Intel SGX enclaves. By exploiting deterministic memory encryption, the team built an oracle enabling a full key-recovery of an SGX ECDSA attestation key from the Quoting Enclave. The prototype uses inexpensive, off-the-shelf equipment (roughly $1,000) and can be introduced via supply-chain compromise or local physical access. Intel says the scenario requires physical access and falls outside its memory-encryption threat model.

Battering RAM: DDR4 Interposer Breaks Cloud Memory

🔒 Researchers at KU Leuven and the University of Birmingham disclosed Battering RAM, a low-cost DDR4 interposer attack that can undermine hardware memory encryption used in cloud environments. The $50 interposer sits transparently in the memory path, passes boot-time trust checks, and can be toggled to redirect physical addresses to attacker-controlled locations to corrupt or replay encrypted memory. The team says the technique can bypass protections such as SGX and SEV-SNP, and that meaningful mitigation would require architectural redesign of memory encryption.

VMScape: Practical Spectre v2 Sandbox Escape in VMs

⚠️ Researchers at ETH Zurich published a paper demonstrating VMScape, a practical Spectre v2 (branch target injection) attack that escapes a guest VM to read host memory in virtualized environments. The team showed AMD Zen1–Zen5 CPUs and older Intel Coffee Lake servers can be abused to exfiltrate secrets from a default-configured VM. The issue was assigned CVE-2025-40300 and a Linux kernel patch is available; hardware protections such as SEV/SEV-SNP and TDX are recommended mitigations.

CrowdStrike Secures AI Across the Enterprise with Partners

🔒 CrowdStrike describes how the Falcon platform delivers unified visibility and lifecycle defense across the full AI stack, from GPUs and training data to inference pipelines and SaaS agents. The post highlights integrations with NVIDIA, AWS, Intel, Dell, Meta, and Salesforce to extend protection into infrastructure, data, models, and applications. It also introduces agentic defense via Charlotte AI for autonomous triage and rapid response, and emphasizes governance controls to prevent data leaks and adversarial manipulation.

VMScape: Spectre-BTI Variant Breaks VM Isolation in VMs

🔒 Researchers have demonstrated VMScape, a Spectre-like branch target injection attack that breaks guest-to-host isolation on AMD and Intel CPUs in virtualized environments. The proof-of-concept targeted KVM/QEMU in its default configuration and extracted host disk encryption keys from an AMD Zen 4 system. Tracked as CVE-2025-40300, mitigations include inserting an Indirect Branch Prediction Barrier (IBPB) on VMEXIT, which maintainers report causes only marginal performance impact. The vulnerability highlights that existing Spectre-BTI defenses and microcode updates are insufficient in some virtualized deployments, particularly on AMD Zen microarchitectures.

VMScape: Spectre-like VM-to-host data leak on CPUs

🔓 Researchers at ETH Zurich disclosed VMScape, a Spectre-like speculative-execution attack that lets a malicious VM extract secrets from an unmodified QEMU hypervisor running on many modern AMD and some Intel CPUs. The exploit abuses shared branch-prediction structures and a FLUSH+RELOAD side channel to induce speculative disclosure. It works without host compromise and bypasses default mitigations; vendors and Linux developers released advisories and kernel patches to mitigate the issue.

Amazon EC2 C6in Instances Now in Asia Pacific (Thailand)

🚀 Starting today, Amazon EC2 C6in instances are available in AWS Region Asia Pacific (Thailand). These sixth-generation, network-optimized instances use 3rd Gen Intel Xeon Scalable processors and the AWS Nitro System to deliver up to 200 Gbps of network bandwidth—about 2x the bandwidth of comparable fifth-generation instances. C6in offers up to 128 vCPUs across 10 sizes (including a bare metal option), up to 100 Gbps of EBS bandwidth, and up to 400K IOPS, with Elastic Fabric Adapter (EFA) supported on 32xlarge and metal sizes.

Google Cloud Expands Confidential Computing with Intel TDX

🔒 Google Cloud has expanded its Intel TDX-based Confidential Computing portfolio, now offering Confidential GKE Nodes, Confidential Space, and Confidential GPUs alongside broader regional availability. Creating an Intel TDX Confidential VM is exposed directly in the GCE Create an instance flow under the Security tab, with no code changes required. The C3 machine series supports Intel TDX across additional regions and zones, and NVIDIA H100 GPUs on the A3 series enable confidential AI by combining Intel CPU protection with NVIDIA Confidential Computing on the GPU.

Amazon EC2 U7i-12TB High Memory Instances in Seoul

🚀 Amazon EC2 High Memory U7i instances (u7i-12tb.224xlarge) with 12TiB of DDR5 memory are now available in the AWS Asia Pacific (Seoul) Region. Powered by custom fourth-generation Intel Xeon Scalable (Sapphire Rapids) processors, the U7i-12tb offers 896 vCPUs, ENA Express support, and up to 100 Gbps for both EBS and network throughput. These instances are designed for mission-critical in-memory databases and large transactional workloads such as SAP HANA, Oracle, and SQL Server, enabling faster data loading, backups, and higher transaction processing throughput.

AWS launches M8i and M8i-flex EC2 instances, Xeon 6

🚀 AWS has made the new M8i and M8i-flex EC2 instances generally available, powered by custom Intel Xeon 6 processors exclusive to AWS. The instances offer up to 15% better price-performance and 2.5x the memory bandwidth versus previous Intel-based generations, and AWS reports up to 20% higher performance compared with M7i and M7i-flex with larger gains for specific workloads. Initial availability includes US East (N. Virginia), US East (Ohio), US West (Oregon), and Europe (Spain).

Gemini Available On-Premises with Google Distributed Cloud

🚀 Gemini on Google Distributed Cloud (GDC) is now generally available for customers, bringing Google’s advanced Gemini models on‑premises with GA for air‑gapped deployments and a connected preview. The solution provides managed Gemini endpoints with zero‑touch updates, automatic load balancing and autoscaling, and integrates with Vertex AI and preview agents. It pairs Gemini 2.5 Flash and Pro with NVIDIA Hopper and Blackwell accelerators and includes audit logging, access controls, and support for Confidential Computing (Intel TDX and NVIDIA) to meet strict data residency, sovereignty, and compliance requirements.

Amazon EC2 C7i Instances Now Available in Osaka Region

🚀 Amazon EC2 C7i instances powered by custom 4th Gen Intel Xeon Scalable processors are now available in the Asia Pacific (Osaka) Region. C7i delivers up to 15% better performance versus comparable x86-based Intel processors and up to 15% improved price-performance over C6i. Instances scale to 48xlarge and provide two bare-metal sizes with Intel accelerators, support Intel AMX, and allow up to 128 EBS volumes to better handle compute-intensive workloads.

Google research improves Retbleed exploit on Zen 2

🔬 Google researchers demonstrated practical improvements to the Retbleed speculative-execution attack, showing that on AMD Zen 2 CPUs attackers can read arbitrary RAM at roughly 13 KB/s with perfect cache-extraction accuracy. They adapted a modified Speculative ROP technique to evade Spectre v2 mitigations and showed ways to bypass Linux kernel defenses. The exploit still requires prior knowledge of kernel configuration, but common default builds and probing reduce that hurdle, and Google has already restricted Zen 2 in certain cloud workloads.

AWS launches memory-optimized EC2 R8i and R8i-flex

🔔 AWS announced general availability of new memory-optimized Amazon EC2 R8i and R8i‑flex instances powered by custom Intel Xeon 6 processors. AWS says these instances deliver up to 15% better price-performance and 2.5x the memory bandwidth of prior Intel-based generations, with up to 20–60% faster results on targeted workloads. R8i provides 13 sizes including a new 96xlarge and SAP certification, while R8i‑flex offers common, cost-efficient sizes from large to 16xlarge. Instances are initially available in N. Virginia, Ohio, Oregon, and Spain and can be purchased via On‑Demand, Spot, or Savings Plans.