‘Thunderclap’ vulnerability could leave Thunderbolt computers open to attacks

February 28, 2019

‘Thunderclap’ vulnerability could leave Thunderbolt computers open to attacks

A team of researchers has revealed a new security vulnerability in the Thunderbolt data transfer specification called “Thunderclap” that could leave computers open to serious attacks from otherwise innocuous USB-C or DisplayPort hardware.

As researcher Theo Markettos explains, Thunderclap takes advantage of the privileged, direct-memory access (DMA) that Thunderbolt accessories are granted to gain access to the target device. Unless proper protections are put in place, hackers can use that access to steal data, track files, and run malicious code.

It’s the sort of OS-level access that accessories like GPUs or network cards are typically granted. Because Thunderbolt is designed to replicate those functions externally, it requires the...

from The Verge - All Posts https://ift.tt/2BUuJbG
via IFTTT

Search This Blog

Technology News

‘Thunderclap’ vulnerability could leave Thunderbolt computers open to attacks

Comments

Post a Comment

Popular Posts

Drone crash near kids leads Swiss Post and Matternet to suspend autonomous deliveries

Norway draws up plans to slash energy supplies to Europe, driving power prices to record highs