Engineers write off GC abuse because Spectre broke everything anyway In early November, a developer contributing to Google’s open-source Chromium project reported a problem with Oilpan, the garbage collector for the browser’s Blink rendering engine: it can be used to break a memory defense known as address space layout randomization (ASLR).… The Register – Security
A prolific North Korean state-sponsored hacking group has been tied to a new ongoing espionage campaign aimed at exfiltrating sensitive information from organizations in the defense industry. Attributing the attacks with high confidence to the Lazarus Group, the new findings from Kaspersky signal an expansion of the APT actor’s tactics by going beyond the usual gamut […]
On Feb. 5, the Biden administration announced plans to leverage the Defense Production Act (DPA) to bolster vaccine production, boost the availability of at-home and point-of-care virus tests, and increase the supply of critical shortages in personnel protective equipment such as masks, shields and gloves. Alongside the use of the DPA, the Pentagon announced plans […]
The “hackback” debate has been with us for many years. It boils down to this: Private sector victims of hacking in some instances might wish to engage in self-defense outside their own networks (that is, doing some hacking of their own in order to terminate an attack, identify the attacker, destroy stolen data, etc.) but […]
Understanding Network Hacks: Attack and Defense with Python This book explains how to see one’s own network through the eyes of an attacker, to understand their techniques and effectively protect against them. Through Python code samples the reader learns to code tools on subjects such as password sniffing, ARP poisoning, DNS spoofing, SQL injection, Google […]