Posts tagged Attacks
Protecting Your Embedded System from BlindSide and Other Zero-Day Cybersecurity Attacks

In September of 2020, a team at the Systems and Network Security Group at VU Amsterdam announced a new technique for developing exploits they called BlindSide [1].

BlindSide allows an attacker to conduct Blind ROP-style [2] attacks against targets that are not crash-resistant, such as the Linux kernel. What does this mean for you as a system engineer? It means that an attacker who knows of a single kernel overflow vulnerability can use BlindSide to convert an unprivileged shell into a root shell, despite recent kernel features designed to prevent the information leaks that such privilege escalations normally depend on.

It is techniques like BlindSide, and other techniques still unknown, that drive Star Lab to design its products with the assumption that an attacker will gain root access. It is why we advocate everyone at least consider…

Protecting Linux-Based Systems from Russian Cyber-Espionage Malware, Drovorub

On August 13th, 2020, the National Security Agency and the Federal Bureau of Investigation released a cybersecurity advisory that warned anyone deploying or maintaining a Linux system about a new Russian (and now worldwide) cyber-espionage threat named Drovorub. Of course, this isn't the first time a government-sponsored cyber threat has found its way into the wild. But its newsworthiness lies not in its origin, novelty, or effectiveness, but in the fact that it can be completely prevented to begin with.

Crucible Mitigates Intel Information Disclosure Vulnerabilities

The Crucible Embedded Hypervisor mitigates the recent rash of CPU-based information leakage / unauthorized disclosure vulnerabilities, including those made public in CVE-2018-3620 and CVE-2018-3646. The Xen project further classifies these vulnerabilities under XSA-273. Crucible inherently mitigates these speculative-execution (and related Spectre / Meltdown) vulnerabilities as a result of its explicit hardware resource allocation strategy and its overall secure-by-design configuration.
