Our handpicked selection of the most recent infosec articles from around the web. L0rdix malware is available for sale in underground forums, and there’s JavaScript that can track users even when they use the Tor browser.

For more articles, check out our #onpatrol4malware blog.

Securing Mobile Devices During Holiday Travel

Source: US-CERT

As the holiday season begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them. Read more.

L0rdix: Multipurpose Attack Tool

Source: Ensilo

L0rdix, currently available for purchase in underground forums, is aimed at infecting Windows-based machines, combines stealing and cryptocurrency mining methods, can avoid malware analysis tools and is designed to be a universal “go-to” tool for attackers. Read more.

ECCploit: ECC Memory Vulnerable to Rowhammer Attacks After All

Source: VUSec

Where many people thought that high-end servers were safe from the (unpatchable) Rowhammer bitflip vulnerability in memory chips, new research from VUSec, the security group at Vrije Universiteit Amsterdam, shows that this is not the case. Read more.

Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you’re visiting

Source: The Register

Computer science boffins have demonstrated a side-channel attack technique that bypasses recently-introduced privacy defenses, and makes even the Tor browser subject to tracking. Read more.

Researchers link XLoader and FakeSpy malware families to Yanbian Gang

Source: SC Media

Trend Micro researchers believe they have spotted a connection between the XLoader and FakeSpy malware families along with possible ties to the Yanbian Gang. Read more.