ZDNet

New BlindSide attack uses speculative execution to bypass ASLR

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level. Read now Academics have developed a new technique ...
Semiconductor Engineering

SW-HW Co-Design Mitigation To Strengthen ASLR Against Microarchitectural Attacks (MIT)

“Address Space Layout Randomization (ASLR) is one of the most prominently deployed mitigations against memory corruption attacks. ASLR randomly shuffles program virtual addresses to prevent attackers ...
MCPmag

Microsoft: That Windows ASLR Flaw Is Actually a Feature

Microsoft is rationalizing that an apparent security flaw in the ASLR Windows protection scheme was placed there on purpose. The alleged flaw was described in a vulnerability note published this month ...
Bleeping Computer

CISA warns of Samsung ASLR bypass flaw exploited in attacks

CISA warned today of a security vulnerability affecting Samsung devices used in attacks to bypass Android address space layout randomization (ASLR) protection. ASLR is an Android security feature that ...
ZDNet

Opera plugs security holes; adds ASLR, DEP support

Opera Software has shipped a high-priority security patch for its flagship Web browser to plug at least three vulnerabilities that expose Windows users to code execution and cross-domain scripting ...
Hackaday

This Week In Security: Robinhood, Apple Mail, ASLR, And More Windows 7

First off this week, a ransomware named Robinhood has a novel trick up its sleeve. The trick? Loading an old known-vulnerable signed driver, and then using a vulnerability in that driver to get a ...
Computerworld

JavaScript-based attack simplifies browser exploits

Researchers have devised a new attack that can bypass one of the main exploit mitigations in browsers: Address space layout randomization (ASLR). The attack takes advantage of how modern processors ...