Researchers from a combination of academic and corporate backgrounds have disclosed a newly discovered side-channel attack technique that targets the operating system page cache and affects devices regardless of hardware architecture or OS.
"The page cache is a pure software cache that contains all disk-backed pages, including program binaries, shared libraries,and other files, and our attacks thus work across cores and CPUs," warns a new report issued by researchers from Graz University of Technology, Boston University, NetApp, CrowdStrike and Intel Corporation.
The technique allows unprivileged actors to monitor instances of memory access involving certain processes, thereby enabling them to execute a variety of local and remote attacks. Under certain instances, malicious hackers could potentially use this exploit to set up covert channels between segregated processes, engage in clickjacking (via UI redressing), perform keystroke-timing attacks, steal passwords from vulnerable PHP scripts, and remotely leak information across a network.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.