A security researcher designed a way to "weaponize" microcode updates to install ransomware directly onto the CPU. Rapid7 analyst Christiaan Beek drew inspiration from a critical flaw in AMD's Zen processors, discovered by Google researchers earlier this year. The flaw could allow attackers to modify the RDRAND instruction and inject a custom microcode that always selects "4" when generating a random number.
Link: You must be logged in to see this link.
Link: You must be logged in to see this link.