Throwhammer | Breaking Cybersecurity News | The Hacker News

A team of security researchers has discovered a new set of techniques that could allow hackers to bypass all kind of present mitigations put in place to prevent DMA-based Rowhammer attacks against Android devices. Dubbed RAMpage , the new technique (CVE-2018-9442) could re-enable an unprivileged Android app running on the victim's device to take advantage from the previously disclosed Drammer attack , a variant of DRAM Rowhammer  hardware vulnerability for Android devices, in an attempt to gain root privileges on the target device. You might have already read a few articles about RAMpage on the Internet or even the research paper, but if you are still unable to understand— what the heck is RAMpage —we have briefed the research in language everyone can understand. Before jumping directly on the details of RAMpage, it is important for you to understand what is RowHammer vulnerability, how it can be exploited using Drammer attack to hack Android devices and what mitigations G...

Last week, we reported about the first network-based remote Rowhammer attack, dubbed Throwhammer , which involves the exploitation a known vulnerability in DRAM through network cards using remote direct memory access (RDMA) channels. However, a separate team of security researchers has now demonstrated a second network-based remote Rowhammer technique that can be used to attack systems using uncached memory or flush instruction while processing the network requests. The research was carried out by researchers who discovered Meltdown and Spectre CPU vulnerabilities, which is independent of the Amsterdam researchers who presented a series of Rowhammer attacks, including Throwhammer published last week. If you are unaware, Rowhammer is a critical issue with recent generation dynamic random access memory (DRAM) chips in which repeatedly accessing a row of memory can cause "bit flipping" in an adjacent row, allowing attackers to change the contents of the memory. The...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Exploitation of Rowhammer attack just got easier. Dubbed ' Throwhammer ,' the newly discovered technique could allow attackers to launch Rowhammer attack on the targeted systems just by sending specially crafted packets to the vulnerable network cards over the local area network. Known since 2012, Rowhammer is a severe issue with recent generation dynamic random access memory (DRAM) chips in which repeatedly accessing a row of memory can cause "bit flipping" in an adjacent row, allowing anyone to change the contents of computer memory. The issue has since been exploited in a number of ways to achieve remote code execution on the vulnerable computers and servers. Just last week, security researchers detailed a proof-of-concept Rowhammer attack technique, dubbed GLitch , that leverages embedded graphics processing units (GPUs) to carry out Rowhammer attacks against Android devices. However, all previously known Rowhammer attack techniques required privilege escal...