HackDig : Dig high-quality web security articles for hackers

Intel announces “exploit busting” features in its next processor chips

byPaul DucklinIntel is adding two new exploit detection systems into its forthcoming processors.The new technology has been at least four years in the making, according the chip giant’s recently updated specification document, which contains a “version 1.0” release date of June 2016.Intel’s PR machine has been making waves about the s
Publish At:2020-06-16 14:48 | Read:242 | Comments:0 | Tags:Uncategorized ASLR CET DEP Exploit gadget intel ROP vulnerab

PathArmor: Practical ROP Protection Using Context-sensitive CFI

In October 2015, at the ACM CCS 2015 conference, my colleagues Dennis Andriesse and Victor van der Veen from the Vrije Universiteit Amsterdam presented a paper, co-authored by me, a researcher at Lastline Labs, on control-flow integrity entitled "Practical Context-Sensitive CFI". This paper discusses PathArmor, a system
Publish At:2015-11-03 23:35 | Read:3775 | Comments:0 | Tags:return-oriented programming PathArmor ROP

A Look Inside a CVE-2013-3918 Exploit

Editor’s Note: Berman Enconado is a senior software security engineer in the Security Labs. He’s been in the industry for more than 10 years and has given talks to local universities on several occasions as part of the company’s security awareness drives. Last November 8, our friends at FireEye had discovered an exploit malware that targets
Publish At:2014-08-15 09:18 | Read:4061 | Comments:0 | Tags:Featured ThreatTrack Security Labs Web threats CVE-2013-3918

Is EMET Dead?

Exploit mitigation techniques have come a long way. In the 90s, any stack overflow was trivial to exploit for arbitrary code execution but over time, the protections have expanded.We now have DEP to prevent execution of user-writable data and ASLR to randomize the addresses space, making it harder to predict where a payload or a library would exist in memory
Publish At:2014-08-14 16:40 | Read:4029 | Comments:0 | Tags:Featured Articles Vulnerability Management Black Hat 2014 CF

Quick fix on ROPeme's ImportError: No module named distorm

Sup' all,I'm currently working on my ROP skills and trying out ROPeme[1]. So what ROPeme does is that it helps exploit developers / researchers to generate ROP gadgets easily. For those who wants to find out more about ROP or return-oriented programming, try this tutorial: http://www.exploit-db.com/wp-content/themes/exploit/docs/28479.pdf  It
Publish At:2014-08-12 20:05 | Read:5424 | Comments:0 | Tags:distorm exploit dev importError ROP ROPeme


Share high-quality web security related articles with you:)