Collaborate Disseminate
We’re proud to announce the release of Winchecksec, a new open-source tool that detects security features in Windows binaries. Developed to satisfy our analysis and research needs, Winchecksec aims to surpass current open-source security feature … Continue reading Effortless security feature detection with Winchecksec
Today, we’re going to talk about a hard problem that we are working on as part of DARPA’s Cyber Fault-Tolerant Attack Recovery (CFAR) program: automatically protecting software from 0-day exploits, memory corruption, and many currently undi… Continue reading Protecting Software Against Exploitation with DARPA’s CFAR
The planned threading in shared memory update gives bad actors a way around the timer mitigations released by browser vendors. Continue reading WebAssembly Changes Could Ruin Meltdown and Spectre Browser Patches
The flaws threaten to expose corporate communications in Outlook as well as the messages of at-risk users like political dissidents. Continue reading EFAIL Opens Up Encrypted Email to Prying Eyes
An academic paper demonstrates a new ASLR bypass executed through a side-channel attack against the branch target buffer in an Intel Haswell CPU. Continue reading Bypassing ASLR in 60 Milliseconds
An academic paper demonstrates a new ASLR bypass executed through a side-channel attack against the branch target buffer in an Intel Haswell CPU. Continue reading Bypassing ASLR in 60 Milliseconds