CVE-2026-40337

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

CVE-2026-40337

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

Sentry kernel 安全漏洞

Sentry kernel is an open-source implementation of a microkernel for high-security embedded systems by camelot-os. Versions of the Sentry kernel prior to 0.4.7 contained security vulnerabilities. These vulnerabilities stemmed from tasks with DEV or IO capabilities being able to interact with anoth...

EUVD-2026-23603

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sysint syscall familly. Prior to version 0.4.7, this can lead to DoS and...

PT-2026-33535

The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the DEV or IO capability is able to interact with another task's IRQ line through the sys int syscall familly. Prior to version 0.4.7, this can lead to DoS and...

Side-Channel Attacks on Open VSwitch

Virtualization is widely adopted in cloud systems to manage resource sharing among users. A virtualized environment usually deploys a virtual switch within the host system to enable virtual machines to communicate with each other and with the physical network. The Open vSwitch OVS is one of the...

Improving the Identification of Real-World Malware's DNS Covert Channels Using Locality Sensitive Hashing

Nowadays, malware increasingly uses DNS-based covert channels in order to evade detection and maintain stealthy communication with its command-and-control servers. While prior work has focused on detecting such activity, identifying specific malware families and their behaviors from captured...

EUVD-2005-0110

Malware in sbrugna...

SpyChain: Multi-Vector Supply Chain Attacks on Small Satellite Systems

Small satellites are integral to scientific, commercial, and defense missions, but reliance on commercial off-the-shelf COTS hardware broadens their attack surface. Although supply chain threats are well studied in other cyber-physical domains, their feasibility and stealth in space systems remai...

DNS Tunneling: Threat Landscape and Improved Detection Solutions

Detecting Domain Name System DNS tunneling is a significant challenge in security due to its capacity to hide harmful actions within DNS traffic that appears to be normal and legitimate. Traditional detection methods are based on rule-based approaches or signature matching methods that are often...

Combining Different Existing Methods for Describing Steganography Hiding Methods

The proliferation of digital carriers that can be exploited to conceal arbitrary data has greatly increased the number of techniques for implementing network steganography. As a result, the literature overlaps greatly in terms of concepts and terminology. Moreover, from a cybersecurity viewpoint,...

Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain

The prolific Chinese nation-state actor known as APT41 aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti has been attributed to a sophisticated cyber attack targeting the gambling and gaming industry. "Over a period of at least six months, the attackers stealthily gathered valuable informati...

Gus Simmons’s Memoir

Gus Simmons is an early pioneer in cryptography and computer security. I know him best for his work on authentication and covert channels, specifically as related to nuclear treaty verification. His work is cited extensively in Applied Cryptography. He has written a memoir of growing up dirt-poor...

Xen Platypus information leak via power sidechannel (XSA-351)

An information disclosure vulnerability exists in power/energy monitoring interfaces, which can be used to create covert channels and infer the operations and data used by other contexts within the system. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid142889;...

CVE-2020-28368

A flaw was found in Xen where access to power/energy monitoring interfaces was not properly restricted to privileged software. This flaw allows an unprivileged guest administrator to create covert channels and infer the operations or data used by other contexts within the system, such as AES keys...

Information leak via power sidechannel

ISSUE DESCRIPTION Researchers have demonstrated using software power/energy monitoring interfaces to create covert channels, and infer the operations/data used by other contexts within the system. Access to these interfaces should be restricted to privileged software, but it was found that Xen...

Exfiltrating Data from Air-Gapped Computers Using Screen Brightness

It may sound creepy and unreal, but hackers can also exfiltrate sensitive data from your computer by simply changing the brightness of the screen, new cybersecurity research shared with The Hacker News revealed. In recent years, several cybersecurity researchers demonstrated innovative ways to...

Over 1,300 Android Apps Caught Collecting Data Even If You Deny Permissions

Smartphones are a goldmine of sensitive data, and modern apps work as diggers that continuously collect every possible information from your devices. The security model of modern mobile operating systems, like Android and iOS, is primarily based on permissions that explicitly define which sensiti...

Over 1,300 Android Apps Caught Collecting Data Even If You Deny Permissions

Smartphones are a goldmine of sensitive data, and modern apps work as diggers that continuously collect every possible information from your devices. The security model of modern mobile operating systems, like Android and iOS, is primarily based on permissions that explicitly define which sensiti...

How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs

Dr. Mordechai Guri, the head of R&D team at Israel's Ben Gurion University, who previously demonstrated various methods to steal data from an air-gapped computer, has now published new research named "BeatCoin." BeatCoin is not a new hacking technique; instead, it's an experiment wherein the...