Exploits

Firefox 0-Day targeting Tor-Users

Firefox 0-Day targeting Tor-Users

11/30/2016 [UPDATE: 12/01/2016] - Yesterday a Firefox 0-Day was made publicly available. We have analyzed the exploit from begin to end and talk about the different stages, including: the exploit techniques that aim to defeat general protection mechanisms like ASLR and DEP, as well as more advanced protection mechanisms like Export Address Filtering from EMET, the shellcode and its similarity to the FBI-Exploit from 3 years ago.

Author: Andreas Fobian, Carl-Benedikt Bender

Drammer: Are hardware vulnerabilities the Achilles heel of Android?

Drammer: Are hardware vulnerabilities the Achilles heel of Android?

10/28/2016 - Mobile devices, especially smartphones, are a very lucrative target for cyber criminals because they are a fixture of everyday private and working life. Researchers at VUSec Labs, the University of California and Graz University of Technology have succeeded in exploiting a security hole in Android smartphone hardware. The experts have called the attack vector “Deterministic Rowhammer” (Drammer for...

Author: Christian Lueg
G DATA | Trust in German Sicherheit