MDS is a family of vulnerabilities in different (related) components of the processor. Unlike Meltdown, MDS doesn’t allow an attacker to directly control the target memory address from which they would like to leak data. Instead, MDS is a form of “sampling” attack in which an attacker can leverage cache side-channel analysis to repeatedly measure […]
MDS-Micro architectural Data Sampling Read More »
Varenyky is the name of a trojan which operates as a spambot. It is known that this malicious software if installed, records the victim’s screen when a website containing adult content like pornography is being visited. Same applies to some pages with keywords related to sex.
Varenyky Spambot Trojan Read More »
In a newly-confirmed Black Hat USA Briefing on HTTP Desync Attacks: Smashing into the Cell Next Door, security researcher James Kettle introduce techniques remote, unauthenticated attackers can use to splice their HTTP requests into others.
HTTP Desync Attacks: Request Smuggling Reborn Read More »
Bluetooth is a high-speed but very short-range medium for exchanging data by wireless means between desktop and mobile computers, smartphones, tablets, PDAs (Personal Digital Assistants), and other devices that support the technology.
Bluesnarfing attack Read More »
The SWAPGS vulnerability is a speculative execution side-channel vulnerability that allows bad actors to read data from privileged memory. In order to increase performance in CPUs, a feature called speculative execution will execute instructions before it knows if they are needed or not. Vulnerabilities that target this feature are called side-channel attacks.
A New Side Channel attack arrived: SWAPGS Read More »
