HackDig : Dig high-quality web security articles for hackers

Diving into EMET

Last week, we decided to take a look at the EMET library provided by Microsoft. This library is intended to introduce several security features to applications which are not explicitly compiled to use them. It also adds an additional
Publish At:2016-09-26 18:15 | Read:5572 | Comments:0 | Tags:Hardening Security analysis EMET Windows

Got $90,000? A Windows 0-Day Could Be Yours

How much would a cybercriminal, nation state or organized crime group pay for blueprints on how to exploit a serious, currently undocumented, unpatched vulnerability in all versions of Microsoft Windows? That price probably depends on the power of the exploit and what the market will bear at the time, but here’s a look at one convincing recent exploit
Publish At:2016-06-16 05:15 | Read:5816 | Comments:0 | Tags:A Little Sunshine Latest Warnings Ne'er-Do-Well News The Com

Watch out, Angler Exploit Kit is able to bypass Microsoft EMET defense

Security experts from FireEye have observed attacks leveraging Angler EK to deliver exploits capable of evading the Microsoft EMET security tool. Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a free security tool designed by Microsoft to implement a supplemental security layer of defense against the exploitation of vulnerabilities aff
Publish At:2016-06-07 12:15 | Read:3003 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime EMET Hacking ra

Protecting your PC from ransomware gets harder with EMET-evading exploit

Drive-by attacks that install the once-feared TeslaCrypt crypto ransomware are now able to bypass EMET, a Microsoft-provided tool designed to block entire classes of Windows-based exploits. The EMET-evading attacks are included in Angler, a toolkit for sale online that provides ready-to-use exploits that can be stitched into compromised websites. Short for En
Publish At:2016-06-07 08:20 | Read:3282 | Comments:0 | Tags:Risk Assessment Technology Lab crypto ransomware emet enhanc

‘Badlock’ Bug Tops Microsoft Patch Batch

Microsoft released fixes on Tuesday to plug critical security holes in Windows and other software. The company issued 13 patches to tackle dozens of vulnerabilities, including a much-hyped “Badlock” file-sharing bug that appears ripe for exploitation. Also, Adobe updated its Flash Player release to address at least two-dozen flaws — in addi
Publish At:2016-04-18 15:05 | Read:4207 | Comments:0 | Tags:Time to Patch adobe badlock badlock.org Chris Goettl EMET En

Using the Microsoft EMET security tool to hack itself

The security researchers at FireEye, Abdulellah Alsaheel and Raghav Pande, have found a way to exploit Microsoft EMET (Enhanced Mitigation Experience Toolkit) to hack itself.
Publish At:2016-02-29 10:05 | Read:4372 | Comments:0 | Tags:Breaking News Hacking Security EMET Enhanced Mitigation Expe

Emergency IE Patch Fixes Vulnerability Under Attack

Microsoft today released an emergency patch for all supported versions of Internet Explorer, including IE 11 running on the recently released Windows 10. Microsoft said in its advisory that the zero-day is being publicly exploited. Google security engineer Clement Lecigne is credited with reporting the issue. A request for comment to Lecigne was not returned
Publish At:2015-08-19 07:15 | Read:2854 | Comments:0 | Tags:Microsoft Vulnerabilities Web Security emergency patch EMET

UK Student’s Research a Wassenaar Casualty

U.S.-based security researchers may soon be championing the case of Grant Wilcox, a young U.K. university student whose work is one of the few publicly reported casualties of the Wassenaar Arrangement. Wilcox last week published his university dissertation, presented earlier this spring for an ethical hacking degree at the University of Northumbria in Newcast
Publish At:2015-07-06 17:00 | Read:2520 | Comments:0 | Tags:Government Hacks Malware Vulnerabilities Web Security Commer

Creaking Patch Tuesday’s Viability Rests with Quality, Speed

Today is Patch Tuesday, the 11-year-old procession of security bulletins from Microsoft streamed out automatically to consumers of Windows Update, and pulled en masse by enterprise admins worldwide needing to test each for compatibility. This is how it’s been done since shortly after Bill Gates’ Trustworthy Computing memo in 2002 set Microsoft on
Publish At:2015-02-11 00:40 | Read:3542 | Comments:0 | Tags:Microsoft Vulnerabilities Andrew Storms Craig Young EMET exp

Bypass Demonstrated for Microsoft Use-After-Free Mitigation in IE

For a long time, Microsoft’s monthly Patch Tuesday security bulletins have periodically addressed use-after-free vulnerabilities, the latest class of memory corruption bugs that have already found their way into a number of targeted attacks. Microsoft has implemented mitigations to address memory related vulnerabilities that afford successful attackers
Publish At:2015-01-21 16:05 | Read:3443 | Comments:0 | Tags:Hacks Microsoft Vulnerabilities Web Security Bromium Labs De

Is EMET Dead?

Exploit mitigation techniques have come a long way. In the 90s, any stack overflow was trivial to exploit for arbitrary code execution but over time, the protections have expanded. We now have DEP to prevent execution of user-writable data and ASLR to randomize the address space, making it harder to predict where a payload or a library would exist in memory
Publish At:2014-08-14 16:40 | Read:3953 | Comments:0 | Tags:Featured Articles Vulnerability Management Black Hat 2014 CF

On CVE-2014-1770 / ZDI-14-140 : Internet Explorer 8 "0day"

Hi all, I have received a ton of questions regarding a recently published ZDI advisory, which provides some details about a bug I discovered and reported to Microsoft (via ZDI), affecting Internet Explorer 8. I wanted to take a few moments to clarify some of the confusion and answer some of the questions in this p
Publish At:2014-08-10 15:20 | Read:4785 | Comments:0 | Tags:Exploits 005 - Microsoft related 0day advisory cve-2014-1770

CSO : Common Sense Operator/Operations

As the CSO/CISO/person responsible for Information Security, your job is to… well… do you even know? Does upper management know? "Our crappy CSO <this>…" and "Our stupid CSO <that>…" are statements commonly used by various (techie) people, throw
Publish At:2014-08-10 15:20 | Read:7199 | Comments:0 | Tags:CSO 178-79-152-9 attitude bcp business continiuty ciso commo

