Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks

Remember rowhammer vulnerability? A critical issue affecting modern DRAM (dynamic random access memory) chips that could allow attackers to obtain higher kernel privileges on a targeted system by repeatedly accessing memory cells and induce bit flips.
Continue reading Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks

New PlunderVolt Attack Targets Intel SGX Enclaves by Tweaking CPU Voltage

A team of cybersecurity researchers demonstrated a novel yet another technique to hijack Intel SGX, a hardware-isolated trusted space on modern Intel CPUs that encrypts extremely sensitive data to shield it from attackers even when a system gets compro… Continue reading New PlunderVolt Attack Targets Intel SGX Enclaves by Tweaking CPU Voltage

Researchers devise RAMBleed attack to grab secret data from memory

Researchers have demonstrated a new variation of the Rowhammer attack: dubbed RAMBleed, it may allow attackers to read data stored inside the computer’s physical memory. “While the end-to-end attack we demonstrated read out OpenSSH 7.9&#821… Continue reading Researchers devise RAMBleed attack to grab secret data from memory

RAMBleed Attack – Flip Bits to Steal Sensitive Data from Computer Memory

A team of cybersecurity researchers yesterday revealed details of a new side-channel attack on dynamic random-access memory (DRAM) that could allow malicious programs installed on a modern system to read sensitive memory data from other processes runni… Continue reading RAMBleed Attack – Flip Bits to Steal Sensitive Data from Computer Memory

RAMpage Attack Explained—Exploiting RowHammer On Android Again!

A team of security researchers has discovered a new set of techniques that could allow hackers to bypass all kind of present mitigations put in place to prevent DMA-based Rowhammer attacks against Android devices.

Dubbed RAMpage, the new technique (CV… Continue reading RAMpage Attack Explained—Exploiting RowHammer On Android Again!

Nethammer—Exploiting DRAM Rowhammer Bug Through Network Requests

Last week, we reported about the first network-based remote Rowhammer attack, dubbed Throwhammer, which involves the exploitation a known vulnerability in DRAM through network cards using remote direct memory access (RDMA) channels.

However, a separat… Continue reading Nethammer—Exploiting DRAM Rowhammer Bug Through Network Requests

New Rowhammer Attack Can Hijack Computers Remotely Over the Network

Exploitation of Rowhammer attack just got easier.

Dubbed ‘Throwhammer,’ the newly discovered technique could allow attackers to launch Rowhammer attack on the targeted systems just by sending specially crafted packets to the vulnerable network cards o… Continue reading New Rowhammer Attack Can Hijack Computers Remotely Over the Network

New Rowhammer attack can be used to hack Android devices remotely

Researchers from Vrije Universiteit in Amsterdam have demonstrated that it is possible to use a Rowhammer attack to remotely hack Android phones. What is a Rowhammer attack? “The Rowhammer attack targets the design of DRAM memory. On a system whe… Continue reading New Rowhammer attack can be used to hack Android devices remotely

GLitch: New ‘Rowhammer’ Attack Can Remotely Hijack Android Phones

For the very first time, security researchers have discovered an effective way to exploit a four-year-old hacking technique called Rowhammer to hijack an Android phone remotely.

Dubbed GLitch, the proof-of-concept technique is a new addition to the Ro… Continue reading GLitch: New ‘Rowhammer’ Attack Can Remotely Hijack Android Phones

Compromising Linux virtual machines via FFS Rowhammer attack

A group of Dutch researchers have demonstrated a variant of the Rowhammer attack that can be used to successfully compromise Linux virtual machines on cloud servers. The Flip Feng Shui (FFS) attack is not performed by triggering a software vulnerability. Instead, it relies on exploiting the widespread Rowhammer DRAM glitch to induce bit flips in controlled physical memory pages, and the Linux’ memory deduplication system. A short version of the attack sequence goes like this: … More Continue reading Compromising Linux virtual machines via FFS Rowhammer attack