Stories
Slash Boxes
Comments

SoylentNews is people

posted by n1 on Saturday June 10 2017, @08:03AM   Printer-friendly
from the looks-shady,-but-it's-good-for-business dept.

Microsoft's security team has come across a malware family that uses Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool.

Because of the way the Intel AMT SOL technology works, SOL traffic bypasses the local computer's networking stack, so local firewalls or security products won't be able to detect or block the malware while it's exfiltrating data from infected hosts.

This is because Intel AMT SOL is part of the Intel ME (Management Engine), a separate processor embedded with Intel CPUs, which runs its own operating system.

Intel ME runs even when the main processor is powered off, and while this feature looks pretty shady, Intel built ME to provide remote administration capabilities to companies that manage large networks of thousands of computers.

-- submitted from IRC


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.