In this paper, the authors show that under realistic assumptions, it is indeed possible to bypass TRR directly from JavaScript, allowing attackers to exploit the resurfaced Rowhammer bug inside the browser. In addition, their analysis reveals new requirements for practical TRR evasion. For instance, they discovered that activating many rows in rapid succession as shown in TRRespass may not always be sufficient to produce bit flips. The scheduling of DRAM accesses also plays an important role.
47dfe422ce30e7bc84f40aade82f759d07d143dca97cf56e443b984812de680aThe ZeroNights 2021 Call For Papers has been announced. It will be held in Saint-Petersburg, Russia on June 30th, 2021.
418b437944405587fb3fa6770e284fea10b92a3aabcbc643723779fa7611dd42The video gaming industry is a popular target for various threat actors. Players as well as studios and publishers themselves are at risk for both opportunistic and targeted cyber-attacks - tactics range from leveraging fake APKs of popular mobile games, to compromising accounts for resale. Even APT (Advanced Persistent Threat) actors have been known to target the video gaming industry.This report will examine a hacking tool being promoted for use against gamers by masquerading as a cheat for Call of Duty: Warzone. This particular tool is considered a dropper, a piece of malware that is used to install or deliver an additional payload, such as credential stealing malware, on a target system or device. A dropper is a means to an end, rather than the end itself - but still is a critical link in the chain. The dropper examined in this report, "Cod Dropper v0.1", can be customized to install other, more destructive, malware onto the targets' machines.
5e38513aae0103e12649461665c14fa46a5772acb881d5395611526d1a436917This is a whitepaper that discusses attacking GraphQL.
aa2a135e3c79bce67c8da5438837eb4be4d82d6384d4352b498bfce711c37bebThis whitepaper provides information about how you can hack JWT tokens for fun and profit.
7368748618b4cd6f33d0da05f3cabc301392721ae3b26c2284f7a0e648b15957Whitepaper that discusses XXE exploitation via file uploads.
7c6849a41692d2abfdae193b26658ffc1ed539af111174b955d5ba020dc87949This whitepaper explains how xml external entity and server-side request forgery vulnerabilities work and how they can be combined to perform attacks.
5b911234c50bade2c82b7c0909cc2946fb8a97e0d2a48acfa8f8fd489233bb49This whitepaper focuses on explaining the Apache Ghostcat vulnerability and how it can be used to read file contents of all web applications deployed on Tomcat.
dc2b8740104317c36ad79dcb929d334c237272637cf804d3dfc086cec7bb44d1Whitepaper called Credential Dumping Cheatsheet. It covers locations of data and various tooling you can use to find passwords.
029b308e2946943240e7d06eea765f709be7c1af2173b93f3e636ef0b7313a94The call for papers for hardwear.io 2021 is open. It will take place July 9th through the 10th, 2021.
41f2f7a1cc68e7540cb4bf44eafb313d968d9ca6802b1ebeae31737fd6b4c2ebWhitepaper called Breaking the Business Logics It is intends to provide the idea of business logic vulnerabilities and how to exploit them. There are theoretical scenarios as well where common flaws are discussed.
bdfa585849987cf27ac17432358edb5741e616a3b4025257978012426a6b0fa0This whitepaper acts as a cheatsheet for methodologies to apply with Linux and Windows privilege escalation.
f9978ce5a9ca16e00a1d0a0a5a2c07c964a65b40e70e191a128d82f940f14ae3This is a brief whitepaper that goes over file transfer mechanisms that can be used on Windows and Linux.
bb53fbaa2dc352533456cf7d06a33392552c749b608b8e33b3b03227d97e1520Microsoft SMBv3 CVE-2020-0796 whitepaper that discusses the workings, exploitation, and mitigations.
9154829412e6f27bbd51d39811e1acf07f15b9daf04fbad8e3cb61e74d7e6c62This is a brief whitepaper that goes over some tooling that can be of assistance while performing reconnaissance against a web application prior to attack.
efa89877156455ecbe4998579276a2b7f88564aac2a446ce3a8fdb5d7a98c52cWhitepaper called Android Vulnerability in ES File Explorer. It provides an overview of manual exploitation of ES File Explorer version 4.1.9.7.4 using counterfeit requests over HTTP.
9b0d580d48451b1cfce532d6de5bf7c4caa5faf0493949998e87a7e17ccea3dfThis whitepaper goes through identification and exploitation of the SMB Ghost vulnerability.
1598b7f81fc0fd106b6abbd1f0e5a9da28fc8f2cbf5e4b6c0db7946666870aa5This whitepaper goes into detail on how to leverage a Chrome Browser use-after-free vulnerability in FileReader with Metasploit.
426daf836d595f934234e05cd94b8dc830e5e8415fdebf4f297113f87753387cThis whitepaper provides an overview of Autopsy, the graphical interface for the Sleuthkit.
45c9afa0c7451bc0554cf50748ab04b2650e7eadf00ab14203577af0ba3d74f2This whitepaper is a guide to performing memory forensics using volatility. It goes into depth on using the Volatility framework to analyze memory dumped from a live system.
f9036bb369a6f8ab886ff9ad5a769c0561265e1425026f58996107393ca77473Whitepaper called Active Directory Penetration Testing. Written in Turkish.
ea2487963fa1d18c78f0962ee60bb105f6a02d1297c01cf32cf2313bc0174348Whitepaper called Mobile Security and Penetration Testing. Written in Turkish.
56bcdaf3cd7bc5cd83f8a5559d8985f7fe6e7e70d6985f586acb76d64834d173This is a whitepaper that details identifying cross site scripting vulnerabilities in both the Neo and Matrix LMS codebase.
425783c0a58f4b3d8ceaa1ef51c78b248dc59a4e994ea242a952886897d53b3dThis whitepaper is an introductory guide to Digital Forensics. It provides a high level understanding of protocol and roles.
a676db8f5ab0381a2e9ea5b5adf74019397945ebdb2b6bc06f10b3b04670452dThis whitepaper is a guide to using FTK Imager for digital forensics.
3c78ef29175142feb10177e89ff96cbd355c362ecc8bb3edd23f41ce3f657e0f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed