Archive for AMD

AMD Apparently Pwned By RansomHouse…. And It Might Have Been Easy To Do

Posted in Commentary with tags , on June 29, 2022 by itnerd

It seems that chipmaker AMD had been pwned by the ransomware and extortion group RansomHouse:

RansomHouse, a relatively new data-extortion cybercrime group, has announced a major new victim. Today, the group published a new update on its darknet site and are claiming to have breached Advanced Micro Devices (AMD), the large chip manufacturing company.

RansomHouse is claiming to have breached AMD’s network and exfiltrated “more than 450 Gb” of data back in January 2022. The group has also published a data sample as evidence.

And assuming that this happened, it looks like AMD was pwned rather easily. Check this out:

It’s no secret that hackers can easily launch attacks against networks with commonly-used passwords to to gain access. 

According to RansomHouse, this was the case with AMD, which the group claims was using “simple passwords” to protect its network.

An era of high-end technology, progress and top security…there’s so much in these words for the crowds. But it seems those are still just beautiful words when even technology giants like AMD use simple passwords like ‘password’ [others passwords redacted] … to protect their networks from intrusion. It is a shame those are real passwords used by AMD employees, but a bigger shame to AMD Security Department which gets significant financing according to the documents we got our our hands on – all thanks to these passwords.

– RansomHouse group

If that’s true, that’s really embarrsing for AMD.

AMD had this to say when they were asked about this:

On June 27th, we reached out to AMD for comment. AMD provided us with the following statement on June 28th:

AMD is aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway.  

-AMD Communications Director

RestorePrivacy is in contact with both AMD and RansomHouse and will update this article with any new information provided to us from either party.

That sounds like to me that this has actually happened. But we may want to wait for a more fulsome confirmation.

Saryu Nayyar, CEO and Founder, Gurucul:

     “In an ironic twist of fate, AMD survived the global chip supply chain crisis during the COVID-19 pandemic only to be victimized by ransomware from a new data extortion group. Doubling down on irony is that AMD staff used “password” as the password for critical network access. How does this still happen in companies with security savvy engineers? It’s beyond comprehension quite frankly. Time to spin all the passwords and clean up security controls. Seriously, it’s time.”

I can’t wait for the full details to come out. Because if these details are fact, a lot of people at AMD have some explaining to do.

UPDATE: Darren Williams, CEO and Founder of BlackFog added this comment:

     “We haven’t yet seen evidence of the attack on AMD, but RansomHouses’ recent attack on the Shoprite Group in South Africa would indicate that they are focused on large organizations with weak security. As with all cyberattacks it really doesn’t matter how the bad actors found their way in, weak passwords or otherwise, if they want to find a way in, they will be successful! What really matters is what data they were able to leave with. Extortion is the focus for cybercriminal gangs and organizations should look to newer technologies like anti data exfiltration to stop them in their tracks and prevent any unauthorized data from being exfiltrated.”

Oh Noes! Seven New Meltdown And Spectre Style CPU Attacks Found!

Posted in Commentary with tags , , on November 14, 2018 by itnerd

A team of nine academics has revealed today seven new CPU attacks. The seven impact AMD, ARM, and Intel CPUs to various degrees:

Two of the seven new attacks are variations of the Meltdown attack, while the other five are variations on the original Spectre attack — two well-known attacks that have been revealed at the start of the year and found to impact CPUs models going back to 1995. Researchers say they’ve discovered the seven new CPU attacks while performing “a sound and extensible systematization of transient execution attacks” — a catch-all term the research team used to describe attacks on the various internal mechanisms that a CPU uses to process data, such as the speculative execution process, the CPU’s internal caches, and other internal execution stages. The research team says they’ve successfully demonstrated all seven attacks with proof-of-concept code. Experiments to confirm six other Meltdown-attacks did not succeed, according to a graph published by researchers.

Well. This isn’t good. It’s a safe bet that people at ARM, AMD, and Intel are scrambling to verify if these attacks are fixable and how fast they can get those fixes out to the public.

Fun times….

A Tour Of The CNE Gaming Garage

Posted in Commentary with tags on August 26, 2018 by itnerd

This weekend AMD invited me to the CNE Gaming Garage at the Canadian National Exhibition in Toronto.


This is place to play and watch video game tournaments, pinball tournaments as well as some tech demos.


There were retro video games like Pac Man, Tetris, and Galaga for those of a certain age who remember going to arcades to play video games.


Here’s the pinball tournament in action.


You could play (in this case Fortnite) for fun, or sign up for a tournament if you want to take things up to another level.



Or you can watch the experts play on the main stage.



A lot of cool looking custom gaming rigs wee on display.


Not to mention some cool VR demos that I tried and found to be very cool.


Just Dance 2018 was on display. You have to match what the on screen characters are doing to score points.

But the thing that was on display and people did not know was on display was AMD’s FreeSync 2 technology. In short the original FreeSync technology essentially allows a display to vary its refresh rate to match the render rate of a graphics processor, so that, for example, a game running at 54 FPS is displayed at 54 Hz, and when that games bumps up to 63 FPS the display also shifts to 63 Hz. This reduces stuttering and screen tearing compared to monitor operating at a fixed refresh rate, say 60 Hz, displaying a game running at an unmatched render rate like 54 FPS.  FreeSync 2 steps that up by having monitors that have been validated to have the additional features that are required to have FreeSync 2 to work. I played a couple of rounds of Fortnite (badly) and found that the graphics were incredibly smooth and fluid. Clearly it’s worth the investment to get an AMD graphics card and monitor that both support FreeSync 2.

It was a very interesting experience to watch the tournaments and try out the demos at the CNE Gaming Garage, making this a great Sunday. I’d like to thank AMD for the invitation as it was a very eye opening.


AMD And Microsoft Kick Out Fixes For Spectre

Posted in Commentary with tags , on April 12, 2018 by itnerd

AMD has begun rolling out microcode updates for its processors affected by the Spectre vulnerability. Specifically variant 2 of Spectre. It has been supplied to PC and motherboard makers to include in upcoming BIOS updates. Which I am going to guess will drop fairly quickly. On top of that, it will cover AMD processors going back to 2011.

You should also note that even with the BIOS update, you will need a patch from Microsoft as well. They’ve released an update in the form of KB4093112, which also includes special OS-level patches for AMD users with regard to the Spectre v2 vulnerability.

Thus, I’d be checking your motherboard manufacturer’s website and Windows Update for these updates.

AMD Comments On Chip Flaws: Nothing To See Here

Posted in Commentary with tags on March 21, 2018 by itnerd

AMD has finally commented on the security flaws in its Epyc, Ryzen, Ryzen Pro, and Ryzen Mobile chips, identified in a frankly dodgy manner by CTS Labs a week ago. In a post on the AMD website on Tuesday, Mark Papermaster, senior VP and CTO of AMD, had this to say. Oh as an aside, if the name sound familiar to frequent readers of this blog, this is why:

It’s important to note that all the issues raised in the research require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings. Any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research. Further, all modern operating systems and enterprise-quality hypervisors today have many effective security controls, such as Microsoft Windows Credential Guard in the Windows environment, in place to prevent unauthorized administrative access that would need to be overcome in order to affect these security issues

At least we know these flaws are real now. But in AMD’s opinion you would have to be highly skilled to exploit these flaws. In short, there’s nothing to see here. But they’re still going to fixed via firmware updates that are coming real soon now. No timeframe on those fixes just yet. But it appears to be a measured response. Far more measured than how these bugs were disclosed by CTS Labs, who wasn’t mentioned once in the post. That tells you all you need to know about what AMD thinks of CTS Labs.


Linus Torvalds Calls Out CTS Labs Report Of AMD CPU Flaws….. So What Is The Truth About This?

Posted in Commentary with tags on March 15, 2018 by itnerd

Earlier this week I told you about a company called CTS Labs who went public with flaws that are allegedly in AMD CPUs after only giving AMD a day to respond. Then they explained why they went that route yesterday, which left me calling “BS” on their explanation. But now things have gotten real with Linus Torvalds basically calling the company and their report out on Google+. I encourage you to scroll through the entire discussion as it is very interesting, but here’s some screenshots of some highlights involving the man himself in chronological order:


Tell us how you really feel Linus.

But in all seriousness, he makes some very good points in ways that only he can make them. Which is entertaining to read. While I didn’t consider the stock manipulation part, I did say this yesterday:

The cynic in me says that this company who nobody had heard of before yesterday was looking for a way to get their name in the news. So when they tripped over this issue…. Assuming that this discovery is accurate of course seeing as AMD hasn’t yet confirmed it…. They went into “beast mode” to create a slick website with equally slick videos to get their message out before speaking to AMD and giving them a day to respond. Of course knowing that they could not respond that quickly. Then when the 24 hours were up, BOOM, you get this. This whole thing sounds really fishy to me.

What makes this whole thing plausible is an investigation by Gamers Nexus which found the following regarding CTS Labs:

  •, was registered mere weeks ago
  • The backgrounds in CTS-Labs videos explaining the flaws and its research appear to be green screens of offices rather than physical locations.
  • They have a disclaimer on their website that suggests that they have an “economic interest” and have made statements to that effect.

None of this is a smoking gun. But it all sounds kind of suspicious.

As for AMD stock, it doesn’t look like it’s changed all that much since this whole affair began. Clearly investors feel that what CTS Labs has to say falls under the category of “nothing to see here, move along”.

But let’s take the other side of the argument. There’s this person who has claimed to have verified that these flaws are real:

Dan Guido is the CEO of a company called Trail Of Bits. They are an IT security firm out of NYC and they do have a reputation that is positive from what I have heard. Thus it would suggest that the flaws are real. But there’s so much “noise” surrounding this rather craptastic disclosure that it is next to impossible to separate fact from fiction. Thus my suggestion is that we all need to take a deep breath and actually determine what the facts really are. It could be CTS Labs is telling the truth. But they delivered it in such a horrible manner that nobody trusts them. The bottom line is that we need to get to the bottom of this sooner rather than later. Because the longer that this sits out there with a lack of facts, the more the “noise” will increase. And that’s not good for anyone.

CTS Labs Explains Why It Gave AMD A Single Day To Respond To Alleged Chip Flaws….. I Don’t Know If I Believe It Though

Posted in Commentary with tags on March 14, 2018 by itnerd

Yesterday I told you about a company called CTS Labs who went public with flaws that are allegedly in AMD CPUs after only giving AMD a day to respond. That bucks the standard of giving a company 90 days to fix an issue before going public. That’s known as Responsible Disclosure. But these guys clearly don’t buy into that and the question I have is why did they simply give AMD a single day to respond. It truly sounds underhanded. We now have answers on that front via Tom’s Hardware where CTS Labs explained why they went that route:

CTS Labs told us that it bucked the industry-standard 90-day response time because, after it discussed the vulnerabilities with manufacturers and other security experts, it came to believe that AMD wouldn’t be able to fix the problems for “many, many months, or even a year.” Instead of waiting a full year to reveal these vulnerabilities, CTS Labs decided to inform the public of its discovery.

That isn’t to say that CTS Labs revealed the problems without checking their veracity. The company told us that it consulted with other security experts and manufacturers about the issue, provided them with proofs of concept and tutorials for exploiting the vulnerabilities, and waited for their responses before preparing the flaws for public disclosure. Trail of Bits CEO Dan Guido confirmed that his company backed up the findings, for example.

I am sorry but I have a huge problem with this explanation. The cynic in me says that this company who nobody had heard of before yesterday was looking for a way to get their name in the news. So when they tripped over this issue…. Assuming that this discovery is accurate of course seeing as AMD hasn’t yet confirmed it…. They went into “beast mode” to create a slick website with equally slick videos to get their message out before speaking to AMD and giving them a day to respond. Of course knowing that they could not respond that quickly. Then when the 24 hours were up, BOOM, you get this. This whole thing sounds really fishy to me. Besides if we assume that none of these flaws were in the wild, there’s little risk to those who own these processors. AMD could look at this, figure out how to address it, and do in a reasonable manner. But now that these flaws are in the wild, AMD likely will have to rush to get something out to address this. Again, assuming that this discovery is accurate. I really don’t get the warm fuzzies from these guys. I want to see how AMD responds to this, and if it’s proven (key word proven) to be false or having a very limited impact, I hope they take appropriate action against CTS Labs.

AMD May Have Chip Flaws Of Its Own

Posted in Commentary with tags on March 13, 2018 by itnerd

A couple of months ago we heard about Meltdown and Spectre. That was bad as it’s affected everyone who runs a PC, Mac, or pretty much anything else. But it’s about to get worse as we now have the following new chip flaws to worry about:

  • RyzenFall
  • MasterKey
  • Fallout
  • Chimera

The flaws, which are 13 vulnerabilities that fall into the above four buckets, were uncovered by a company called CTS Labs who served up a report via a very slick and fancy website and reportedly only gave AMD 24 hours to respond. That’s a bit of a #fail as we don’t know if their findings are actually valid. Here’s one reason why I am personally skeptical. There’s this disclaimer on the website that I linked to above:

Although we have a good faith belief in our analysis and believe it to be objective and unbiased, you are advised that we may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports. Any other organizations named in this website have not confirmed the accuracy or determined the adequacy of its contents.

We’re expected to look past that and take this group seriously? Uh, my gut feeling is not to. But I will suspend disbelief as AMD is investigating and I am sure that every hacker on Earth is too so that they can leverage these flaws, if they are accurate, for pwnage on an epic scale. But if they aren’t accurate, I hope AMD sues them out of existence.

More to come.



AMD Gets Sued Over Spectre CPU Flaw

Posted in Commentary with tags on February 22, 2018 by itnerd

At least four separate lawsuits have now been filed against AMD alleging violations ranging from securities fraud to breach of warranty, unfair competition, and negligence. The cases, all submitted to a US district court in San Jose, include:

The first three suits seek damages from AMD on behalf of those who bought an AMD processor that has the Spectre flaw. The last one seeks to recover cash for shareholders of AMD who bought AMD stock between between February 21, 2017 and January 11, 2018. Now the first three cases could be merged into a single case, but regardless. This is bad for AMD who joins Intel in circling their legal wagons.

You can fully expect more lawsuits to come AMD’s way. Mark my words.

Amazon, AMD, Apple, ARM, Google, Intel & Microsoft Are Asked To Answer Spectre And Meltdown Questions

Posted in Commentary with tags , , , , , , on January 25, 2018 by itnerd

It seems the Spectre and Meltdown gong show just got real. The leaders of Amazon, AMD, Apple, ARM, Google, Intel and Microsoft have been asked via a letters to answer questions about the two CPU bugs by Republican members of the US House of Representatives.

Specifically, the politicians want to know about a secrecy agreement that was put in place by these same companies. In short the agreement demanded silence from June 2017 which is when researchers recognized the seriousness of the processor design flaws, through the planned date of coordinated disclosure on Tuesday, January 9, 2018. Except that The Register found out about the flaws and dropped the details on an unsuspecting world a week before the deal expired, which caused these companies to scramble to get fixes out.

You have to suspect that this is the first step in the eventual public flogging known as a Congressional Hearing. Given that this is an election year, that won’t end well for any of these companies. But we’ll see if congress decides to go there.