#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

Throwhammer | Breaking Cybersecurity News | The Hacker News

Category — Throwhammer
RAMpage Attack Explained—Exploiting RowHammer On Android Again!

RAMpage Attack Explained—Exploiting RowHammer On Android Again!

Jun 29, 2018
A team of security researchers has discovered a new set of techniques that could allow hackers to bypass all kind of present mitigations put in place to prevent DMA-based Rowhammer attacks against Android devices. Dubbed RAMpage , the new technique (CVE-2018-9442) could re-enable an unprivileged Android app running on the victim's device to take advantage from the previously disclosed Drammer attack , a variant of DRAM Rowhammer  hardware vulnerability for Android devices, in an attempt to gain root privileges on the target device. You might have already read a few articles about RAMpage on the Internet or even the research paper, but if you are still unable to understand— what the heck is RAMpage —we have briefed the research in language everyone can understand. Before jumping directly on the details of RAMpage, it is important for you to understand what is RowHammer vulnerability, how it can be exploited using Drammer attack to hack Android devices and what mitigations G...
Nethammer—Exploiting DRAM Rowhammer Bug Through Network Requests

Nethammer—Exploiting DRAM Rowhammer Bug Through Network Requests

May 17, 2018
Last week, we reported about the first network-based remote Rowhammer attack, dubbed Throwhammer , which involves the exploitation a known vulnerability in DRAM through network cards using remote direct memory access (RDMA) channels. However, a separate team of security researchers has now demonstrated a second network-based remote Rowhammer technique that can be used to attack systems using uncached memory or flush instruction while processing the network requests. The research was carried out by researchers who discovered Meltdown and Spectre CPU vulnerabilities, which is independent of the Amsterdam researchers who presented a series of Rowhammer attacks, including Throwhammer published last week. If you are unaware, Rowhammer is a critical issue with recent generation dynamic random access memory (DRAM) chips in which repeatedly accessing a row of memory can cause "bit flipping" in an adjacent row, allowing attackers to change the contents of the memory. The...
New Rowhammer Attack Can Hijack Computers Remotely Over the Network

New Rowhammer Attack Can Hijack Computers Remotely Over the Network

May 11, 2018
Exploitation of Rowhammer attack just got easier. Dubbed ' Throwhammer ,' the newly discovered technique could allow attackers to launch Rowhammer attack on the targeted systems just by sending specially crafted packets to the vulnerable network cards over the local area network. Known since 2012, Rowhammer is a severe issue with recent generation dynamic random access memory (DRAM) chips in which repeatedly accessing a row of memory can cause "bit flipping" in an adjacent row, allowing anyone to change the contents of computer memory. The issue has since been exploited in a number of ways to achieve remote code execution on the vulnerable computers and servers. Just last week, security researchers detailed a proof-of-concept Rowhammer attack technique, dubbed GLitch , that leverages embedded graphics processing units (GPUs) to carry out Rowhammer attacks against Android devices. However, all previously known Rowhammer attack techniques required privilege escal...
cyber security

SANS Institute Complimentary Training Bundle ($3240 Value) at Network Security 2025

websiteSANS InstituteCyber Security Training
Register to attend in-person training at Network Security 2025 in Las Vegas, NV and claim a complimentary cyber-pro pass that includes an OnDemand bundle, AND a free pass to compete in NetWars!
cyber security

Key Essentials to Modern SaaS Data Resilience

websiteVeeamSaaS Security / Data Resilience
Learn how to modernize your SaaS data protection strategy and strengthen security to avoid risks of data loss.
Expert Insights Articles Videos
Cybersecurity Resources