Inter-VM Data Exfiltration: The Art of Cache Timing Covert Channel on x86 Multi-Core

On x86 multi-core covert channels between co-located Virtual Machine (VM) are real and practical thanks to the architecture that has many imperfections in the way shared resources are isolated.

This talk will demonstrate how a non-privileged application from one VM can ex-filtrate data or even establish a reverse shell into a co-located VM using a cache timing covert channel that is totally hidden from the standard access control mechanisms while being able to offer surprisingly high bps at a low error rate.
Continue reading…


Applying DevOps Principles for Better Malware Analysis

The malware battle online is far from being over. Several thousands of new malware binaries are collected by antivirus companies every day. Most organizations don’t have the expertise on staff to know if they are being targeted or if they are hit with mass-spreading malware, although knowing the difference is vital for a proper defensive strategy. Continue reading…