The SWAPGS vulnerability is a speculative execution side-channel vulnerability that allows bad actors to read data from privileged memory. In order to increase performance in CPUs, a feature called speculative execution will execute instructions before it knows if they are needed or not. Vulnerabilities that target this feature are called side-channel attacks.
A New Side Channel attack arrived: SWAPGS Read More »
CryptoLocker, a new and nasty piece of malicious software is infecting computers around the world – encrypting important files and demanding a ransom to unlock them. According to Sophos, the worldwide digital security company, it’s been hitting pretty hard for the past six weeks or so. “It systematically hunts down every one of your personal
Baldr stealer (also known as Trojan: MSIL/Darbl.A) is a malicious program that steals data. Cybercriminals can purchase this tool from hacking forums to generate revenue by misusing recorded (stolen) information. Generally, they present this program as a tool that can be used for a number of purposes. At the time of research, it was promoted through CS:
A previously unreported advanced banking trojan named Gustuff can steal funds from accounts at over 100 banks across the world and rob users of 32 cryptocurrency Android apps.
Gustuff Banking Trojan Read More »
LookBack malware is a remote access Trojan written in C++ that relies on a proxy communication tool to relay data from the infected host to a command and control IP. When this function is executed, the Sodom Normal communications module begins running within Libcurl.dll. In addition to loading the communications module, the initial macro described above configures a persistence mechanism for this
