This week, AV-TEST's census of samples of circulating malware that attempt to exploit the Meltdown and Spectre bugs hit 139, up from 77 on January 17.
AV-TEST CEO Andreas Marx says that the different strains of malware mostly contain recompiled versions of the same proof-of-concept code released with the initial report on the bugs.
It doesn't appear that any of the exploits work yet, but it's clear that malware authors are working to actively exploit Meltdown and Spectre.
Early reports suggested that mitigating Meltdown and Spectre would be easy, but in practice, attempts to mitigate the defects have been a catastrophe.
Marx believes different groups are working on the PoC exploits to determine if they can be used for some purpose. “Most likely, malicious purposes at some point,” he said.
The expert believes the current malware samples are still in the “research phase” and attackers are most likely looking for ways to extract information from computers, particularly from web browsers. He would not be surprised if we started seeing targeted and even widespread attacks in the future.
Malware Exploiting Spectre, Meltdown Flaws Emerges [Eduard Kovacs/Securityweek]
This video was made a group of security researchers based at the Ben-Gurion University of the Negev and the Weizmann Institute of Science in Israel. The Lamphone, as they call it, is intended as an alternative method of eavesdropping on private conversations without having to compromise a device with malware. In their tests, the researchers […]
Journalist’s Resource published this great comic by Josh Neufeld, explaining the basic concepts behind differential privacy, the data collection method used to prevent bad actors from de-anonymizing the information gleaned from the 2020 Census. The original source includes some other great resources on differential privacy, but since the comic itself is made available under a […]
Last spring, a Baltimore underwent a grinding, long-term government shutdown after the city's systems were hijacked by ransomware. This was exacerbated by massive administrative incompetence: the city had not allocated funds for improved security, training or cyberinsurance, despite having had its emergency services network taken over by ransomware the previous hear, and five city CIOs […]
The aluminum can is a great invention. And for 60 years, it and its crafty little addition, the pull tab, have made transporting and drinking all of our favorite beers, soft drinks and other beverages about 1,000 percent easier. Of course, evolution continues — and even an innovation as awesome as the aluminum can is […]
It’s tempting for many young professionals to assume that because they’ve spent most of their lives posting links to Facebook or pushing selfies to Instagram that they have the skills needed to be a digital marketer. Creating compelling content is certainly important, but if you’re not up to speed on search engine optimization (SEO), how […]
With everybody working from home now, it’s natural to start thinking about careers where not going into the office is more the norm than the exception. Better yet, many are looking to start careers as freelancers, professionals who build their livelihoods around the scope of their talent and not the fortunes of one all-encompassing employer. […]