Security News #0x84
- The big news of the week is the rowhammer attack which exploits hardware level features of DRAM chips. In particular, repeated accesses in one part of a memory row can flip a bit in an adjacent row. If that bit controls whether the process has read-write access to its own memory, then the attack can be leveraged to cause privilege escalation.
- Incursus Absconditus has a nice piece that shows how to hijack existing SSH connections.
- Did you know that it is possible to perform a full packet capture on a Windows box, beginning with system boot without using tools like Wireshark or tcpdump?
- GreyHatHacker.NET summarizes a number of techniques that can be used to bypass Windows UAC (User Account Control).
- Business Insider has an infographic that shows the largest data breaches by time.
- If you are a student (and aren’t we all students?) you might be interested in a nice piece by Mark Vavrusa entitled What a C programmer should know about memory.