submitted by /u/hardenedvault [link] [comments] Go to Source of this post Author Of this post: /u/hardenedvault
Trivial file transfer between separate VMs executed on the same host by modulating the CPU load. This is intended as an illustration for the M1RACLES discussion, to support the point that the M1’s system register does not add new means of data exchange and is not a real vulnerability
submitted by /u/spym_ [link] [comments] Go to Source of this post Author Of this post: /u/spym_
Write-up: runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465)
submitted by /u/champtar [link] [comments] Go to Source of this post Author Of this post: /u/champtar
“Half-Double”: Next-Row-Over Assisted Rowhammer: demonstrates a new attack that bypasses row hammer defenses. It is based on a discovery of weak coupling between two rows that are not immediately adjacent to each other but one row removed.
submitted by /u/digicat [link] [comments] Go to Source of this post Author Of this post: /u/digicat
Aadhaar updates. Fancy Bear doxes the Olympics. WhatsApp snooping vulnerability discussed. Spectre and Meltdown patching. US House reauthorizes Section 702. Bitcoin isn’t Bitcoin Cash.
In today’s podcast we hear that the Government of India is working on Aadhaar security, suspending many officials’ access. Fancy Bear doxes the…
Turla returns. Moscow interested in Mexican elections? FakeBank mobile Trojan hits Russian banks. Phishing the Olympics. Patch Tuesday. Bad flashlights, nice doggie.
In today’s podcast, we hear that Turla’s back, with a depressingly nifty man-in-the-middle campaign. The US thinks it sees Russia trying…
Spectre and Meltdown mitigations. Psiphon and Iran’s unrest. Olympic phishing. Mobil pop-up redirection. Alt-coin speculation.
In today’s podcast, we hear about how Spectre and Meltdown mitigations are proceeding, with many successes (but some blue-screen-of-death failures, too). Psiphon looks like the souped-up…