Ring Ø Labs DOES NOT advocate using any of the malware, techniques, or information presented here for harm and doing so may violate the law. These topics are for mitigation and educational purposes only.
What is Ring Ø Labs?
Ring Ø Labs is dedicated to providing education and research in the field of malware analysis, presenting security topics of interest, and promoting general awareness of tomorrow's emerging threats.
Ring Ø Labs DOES NOT promote or advocate using any of the malware, techniques, or information presented in this site for harm. Each of the aforementioned topics is for the educational benefit of our readers. We contribute research and mitigation strategies to the cyber security community and help identify new and emerging threats. Our aim is to help the cyber security community stay abreast of the ever-changing cyber landscape.
Where do we get our malware from?
The malware samples we analyze are acquired through numerous sandbox sites online, compromised hosts, and through readers like you. Every sample is treated with the utmost care to avoid infection or propagation. If you are interested in submitting a file for analysis, click the SUBMIT button on our main page.
Where did the name Ring Ø Labs come from?
In computer science, there are two main protection modes for an Operating System: Ring Three and Ring Zero.
Ring 3 is known as the User level and it is where users perform their day-to-day tasks like surfing the internet, writing documents, etc.
Ring 0 is known as the Kernel level and it is heavily safeguarded by protection mechanisms within the Operating System. This is because having control at this level allows a program to exert immense control over the system.
Exploits and malware are often classified by the protection level they run at. The vast majority of these threats run at Ring 3 (User Level) and are capable of causing significant harm to the system. However, Ring 0 (Kernel Level) threats are considered extremely dangerous to a system because of their ability to operate outside the bounds of normal programs and interface directly with the Kernel of the OS.