Collaborate Disseminate
The attack allows malicious applications to break out of their sandbox and access the entire operating system, giving an adversary complete control of the targeted device. Continue reading Rowhammer Variant ‘RAMpage’ Targets Android Devices All Over Again
The attack allows malicious applications to break out of their sandbox and access the entire operating system, giving an adversary complete control of the targeted device. Continue reading Rowhammer Variant ‘RAMpage’ Targets Android Devices All Over Again
A team of researchers from several universities and private companies has developed a new attack that breaks a fundamental security layer in Android and affects the majority of mobile devices released over the past six years. Dubbed Rampage, the attac… Continue reading Major Attack ‘Rampage’ Puts Android Devices at Risk
This week, now there’s a SECOND remote Rowhammer exploit, Chrome will remove secure indicator, Google offers free DDoS protection services, Intel is set to patch two new Meltdown/Spectre vulnerabilities, and more! Jason Wood from Paladin Security… Continue reading Red Hat, Google, iOmega, and University of Greenwich – Hack Naked News #174
How the graphics chip in your mobile phone could allow crooks to deliver malware via your browser – no app download required. Continue reading Serious Security: The GLitch “row hammering” attack
IBM researchers have demonstrated a filesystem-level version of the Rowhammer attack against MLC NAND flash memory. Continue reading Rowhammer Attacks Come to MLC NAND Flash Memory
At the 33rd annual Chaos Communications Congress, [Antonio Barresi] and [Erik Bosman] presented not one, not two, but three (3!!) great hacks that were all based on exploiting memory de-duplication in virtual machines. If you’re interested in security, you should definitely watch the talk, embedded below. And grab the slides too. (PDF)
Memory de-duplication is the forbidden fruit for large VM setups — obviously dangerous but so tempting. Imagine that you’re hosting VMs and you notice that many of the machines have the same things in memory at the same time. Maybe we’re all watching the same cat videos. They …read more
Continue reading 33C3: Memory Deduplication, the Hacker’s Friend
Google’s November Android Security Bulletin patched 15 critical vulnerabilities, but only a supplemental patch for the Dirty Cow Linux vulnerability. Continue reading Google Releases Supplemental Patch for Dirty Cow Vulnerability
Researchers have demonstrated how the PC-based Rowhammer attack also works against Android devices. Continue reading Rowhammer Vulnerability Comes to Android
Permission-less apps take only seconds to root phones from LG, Samsung and Motorola. Continue reading Using Rowhammer bitflips to root Android phones is now a thing