Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools

Cybersecurity researchers have demonstrated a proof-of-concept PoC rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called iouring to bypass traditional system call monitoring. This causes a "major blind spot in Linux runtime security tools," ARMO said. "This mechanism allo...

To bypass the buffer overflow protection system-vulnerability warning-the black bar safety net

1-Introduction Recently a period of time,some of the commercial security agencies begin to propose some solutions to solve the buffer overflow problem. This article analyzes these protection schemes,and introduce some techniques to bypass the buffer overflow protection system. Now quite a few...