Microsoft Ships Anti-Exploit Tool for IT Admins

LAS VEGAS — Microsoft today released a new tool to help IT administrators backport anti-exploit mitigations like ASLR Address Space Layout Randomization and DEP Data Execution Prevention to older versions of Windows. The tool, called Enhanced Mitigation Experience Toolkit EMET works by applying...

Dedicated Attackers Will Always Win

Despite the multitude of anti-exploit mitigations built into modern operating systems ASLR, DEP, Sandboxing, hackers were able to compromise every major target this year. This is confirmation that dedicated attackers with the right financial motivation, will almost always find a way to break into...

Mozilla Firefox Hacked at Pwn2Own Contest

VANCOUVER, BC — The first day of the CanSecWest Pwn2Own hacker challenge wrapped up here today with a familiar face going after a familiar target. And, for the second year in a row, a German hacker known simply as “Nils” exploited a previously unknown vulnerability in Mozilla Firefox to take...

Google Researcher Ships Exploit to Defeat ASLR+DEP

A prominent security researcher has released an exploit that uses a new technique to defeat ALSR + DEP on Microsoft’s Windows operating system. The exploit, released by Google security researcher “SkyLined,” uses the ret-into-libc technique to bypass DEP Data Execution Prevention and launch code...