3 matches found
Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks
Gaining kernel privileges by taking advantage of legitimate but vulnerable kernel drivers has become an established tool of choice for advanced adversaries. Multiple malware attacks, including RobbinHood, Uroburos, Derusbi, GrayFish, and Sauron, and campaigns by the threat actor STRONTIUM, have...
TrueType Font Exploits Gateway to Kernel Attacks
Font-parsing vulnerabilities weren’t part of the security consciousness much until the discovery of Duqu at the end of 2011. The spy malware hooked into the Windows kernel through bugs in the TrueType font file parsing engine, and not only breathed new life into the concept of cyber espionage, bu...
Malware Using White Lists, Forgery, Kernel Attacks To Stay Alive
BARCELONA — Rootkit programs are increasingly mimicking antivirus programs: adopting self-protection features and even application whitelists to maintain control over the systems they control, according to a presentation at the annual Virus Bulletin Conference. Rachit Mathur, a research scientis...