Some of you have undoubtedly heard the big news in the exploit world this week. There is a new Adobe Reader/Acrobat exploit in the wild that bypasses ASLR (Address Space Layout Randomization), DEP (Data Execution Prevention), and, most importantly, the sandbox (“Protected Mode“) that was introduced in Adobe Reader X.
- Updates to Magiic: local mbox/Thunderbird indexing, color highlighting, and more
- Exploiting Weak Shellcode Hashes to Thwart Module Discovery; or, Go Home, Malware, You’re Drunk!
- Unintended Consequences of Equation Group Malware
- HAVOC – Halting Attacks Via Obstructing Configurations – Part One
- New World Order – When Databases Collide