HackDig : Dig high-quality web security articles for hackers

Intel announces “exploit busting” features in its next processor chips

byPaul DucklinIntel is adding two new exploit detection systems into its forthcoming processors.The new technology has been at least four years in the making, according the chip giant’s recently updated specification document, which contains a “version 1.0” release date of June 2016.Intel’s PR machine has been making waves about the s
Publish At:2020-06-16 14:48 | Read:242 | Comments:0 | Tags:Uncategorized ASLR CET DEP Exploit gadget intel ROP vulnerab

[CRITICAL] CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow

Have you ever been deep in the mines of debugging and suddenly realized that you were staring at something far more interesting than you were expecting? You are not alone! Recently a Google engineer noticed that their SSH client segfaulted every time they tried to connect to a specific host. That engineer filed a ticket to investigate the behavior and after
Publish At:2016-11-20 03:20 | Read:5670 | Comments:0 | Tags:Application Security Cyber Security Cyber Security Research

Flaw in Intel CPUs could allow to bypass ASLR defense

A flaw in Intel chips could be exploited to launch “Side channel” attack allowing attackers bypass protection mechanism known as ASLR. A vulnerability in the Intel’s Haswell CPUs can be exploited to bypass the anti-exploitation technology address space layout randomization (ASLR) that in implemented by all the principal operating systems. The ASLR is a
Publish At:2016-10-20 07:55 | Read:5338 | Comments:0 | Tags:Breaking News Hacking ASLR chip buffer overflow Intel

Google’s own researchers challenge key Android security talking point

Members of Google's Project Zero vulnerability research team have challenged a key talking point surrounding the security of Google's Android mobile operating system. To wit, a key exploit mitigation known as address space layout randomization does much less than the company's overworked public relations people say in blocking attacks targeting critical weak
Publish At:2015-09-18 05:15 | Read:3303 | Comments:0 | Tags:Gear & Gadgets Risk Assessment Technology Lab address space

Patch Tuesday wrap-up, August 2014: RCE + ASLR bypass + EoP == patch early, patch all!

Patch Tuesday for August 2014 has arrived, with Adobe and Microsoft delivering their now-familiar security fixes.Adobe has updated both its Flash and Reader (plus Acrobat) products, patching just a single known hole in Reader/Acrobat, but seven vulnerabilities in Flash.The Flash security announcement (APSB14-18) runs to an ploddingly long 1500 words or so, b
Publish At:2014-08-15 09:04 | Read:4335 | Comments:0 | Tags:Adobe Adobe Flash Featured Internet Explorer Microsoft Vulne


Share high-quality web security related articles with you:)