A new dynamic random-access memory (DRAM) attack method disclosed by researchers on Friday can allow malicious actors to steal sensitive data from a virtual machine, through a covert channel, using JavaScript.
Anders Fogh, principal malware analyst at G DATA Advanced Analytics, and Michael Schwarz, a Ph.D. student at the Graz University of Technology in Austria, detailed the security implications of current DRAM design and demonstrated some practical cross-CPU attacks. The first part of this research was presented in August at the 25th USENIX Security Symposium.
Leave a reply
