Researchers have discovered a vulnerability in DDR4 memory modules made by Corsair. By tricking the CPU into accessing nonexistent addresses, a script called BadRAM enables an attacker to read and write to protected memory regions. The attacker can then copy the cryptographic hash and boot a backdoored VM. The flaw stems from the fact that some DIMM models allow software-only modifications.
New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth
An updated version of a malware loader, known as Hijack Loader, has been discovered with new features aimed at evading detection and maintaining persistence. The
