Saturday, March 21st, 2009
As promised, the paper and the proof of concept code has just been posted on the ITL website here.
A quote from the paper:
In this paper we have described practical exploitation of the CPU cache poisoning in order to read or write into (otherwise protected) SMRAM memory. We have implemented two ...
Posted in Coding, Hardware, Linux, Security, Windows | No Comments
Tuesday, March 10th, 2009
Adobe released a patch today for a zero-day vulnerability under attack by hackers.
The patch, available for version 9 of Adobe Reader and Adobe Acrobat, comes a day earlier than the company’s planned release. Patches for earlier versions of the product are still slated for March 18.
The vulnerability is the result ...
Posted in Coding, Internet, Security | No Comments
Tuesday, March 10th, 2009
Merely storing -- without opening -- a malicious PDF file can trigger an attack that exploits the new, unpatched zero-day flaw in Adobe Reader, a researcher has discovered. Didier Stevens, a researcher and IT security consultant with Contrast Europe NV, today released a proof-of-concept demonstration that shows how a file ...
Posted in Coding, Internet, Security, Software | No Comments
Tuesday, March 3rd, 2009
Gmail is Google's "free webmail service. It comes with built-in Google search technology and over 2,600 megabytes of storage (and growing every day). You can keep all your important messages, files and pictures forever, use search to quickly and easily find anything you're looking for, and make sense of it ...
Posted in Coding, Internet, Security | No Comments
Thursday, February 26th, 2009
This tool provides a demonstration of the HTTPS stripping attacks that was presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes ...
Posted in Coding, Internet, Privacy, Security | 1 Comment
