New Rowhammer technique bypasses existing DDR4 memory defenses
Researchers have developed a new fuzzing-based technique called ‘Blacksmith’ that revives Rowhammer attacks against modern DRAM devices and bypasses existing mitigations.
The emergence of this new Blacksmith method demonstrates that today’s DDR4 modules are vulnerable to exploitation, allowing a variety of attacks to be conducted.
Rowhammer is a security exploit that relies on the leaking of electrical charges between adjacent memory cells, enabling a threat actor to flip 1s and 0s and change the content in the memory.
This powerful attack can bypass all software-based security mechanisms, leading to privilege escalation, memory corruption, and more.
It was first discovered in 2014, and within a year, two working privilege escalation exploits based on the research were already available.
Gradually, this became a widespread problem, and even Android tools were developed, exploiting the Rowhammer vulnerability on smartphones to gain root access.
The mitigations applied to address this bit-flipping problem showed the first signs of their insufficiency in March 2020, when academic researchers proved that a bypass was possible.
Manufacturers had implemented a set of mitigations called “Target Row Refresh” (TRR), which were mainly effective in keeping the then-new DDR4 safe from attacks.
The attack used against it was called ‘TRRespass,’ and was another fuzzing-based technique that successfully found usable Rowhammering patterns.
‘TRRespass’ was able to find effective patterns in 14 of the 40 tested DIMMs, a success rate of roughly 37.5%. However, ‘Blacksmith’ found effective Rowhammer patterns on all of the 40 tested DIMMs.
The trick that the researchers used this time is not to approach the hammering patterns uniformly but instead explore non-uniform structures that can still bypass TRR.
The team used order, regularity, and intensity parameters to design frequency-based Rowhammer patterns and then fed them to the Blacksmith fuzzer to find working values.
This essentially revealed new exploitation potential that previous research missed, as illustrated in the video below.
The fuzzer ran for 12 hours and yielded the optimal parameters to use in a Blacksmith attack. Using these values, the researchers were able to perform bit flips over a contiguous memory area of 256 MB.
To prove that this is exploitable in real-world scenarios, the team performed test attacks that allowed them to retrieve private keys for public RSA-2048 keys used to authenticate to an SSH host.
Concluding, our work confirms that the DRAM vendors’ claims about Rowhammer protections are false and lure you into a false sense of security. All currently deployed mitigations are insufficient to fully protect against Rowhammer. Our novel patterns show that attackers can more easily exploit systems than previously assumed. – Comsec.
Comsec further found that while using ECC DRAM will make exploitation harder, it will not defend against all Rowhammer attacks.
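Why ECC raises the bar without closing the gap, as an added example that is not code from the article or from Comsec: a single-error-correct, double-error-detect (SECDED) decoder fixes one flipped bit and flags two, but three flips in one codeword are returned as "corrected" data that is wrong. Assumptions: a toy extended Hamming(8,4) code stands in for the wider codes used on ECC DIMMs, and all function names are made up for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

enum ecc_status { ECC_OK, ECC_CORRECTED, ECC_UNCORRECTABLE };

/* Toy SECDED layout (assumption): codeword bit i is Hamming position i, with
   data at 3,5,6,7 and parity at 1,2,4; bit 0 is the overall parity bit. */
uint8_t secded_encode(uint8_t data) {
    static const int dpos[4] = {3, 5, 6, 7};
    uint8_t cw = 0;
    int syn = 0, all = 0;
    for (int i = 0; i < 4; i++)
        if ((data >> i) & 1) { cw |= 1u << dpos[i]; syn ^= dpos[i]; }
    for (int p = 1; p <= 4; p <<= 1)           /* parity bits zero the syndrome */
        if (syn & p) cw |= 1u << p;
    for (int pos = 1; pos <= 7; pos++) all ^= (cw >> pos) & 1;
    return cw | all;
}

/* Decode on read: the syndrome is trusted, so an odd number of flips is
   always treated as exactly one flip at position `syn`. */
enum ecc_status secded_decode(uint8_t cw, uint8_t *data) {
    int syn = 0, all = 0;
    for (int pos = 0; pos <= 7; pos++)
        if ((cw >> pos) & 1) { syn ^= pos; all ^= 1; }
    if (syn && !all) return ECC_UNCORRECTABLE; /* two flips: detect only */
    if (all) cw ^= 1u << syn;                  /* "correct" a single flip */
    *data = ((cw >> 3) & 1) | ((cw >> 5) & 1) << 1 |
            ((cw >> 6) & 1) << 2 | ((cw >> 7) & 1) << 3;
    return all ? ECC_CORRECTED : ECC_OK;
}

/* Count (data, flip mask) pairs with exactly nflips flipped bits that the
   decoder hands back as good data although the data is wrong. */
int silent_corruptions(int nflips) {
    int n = 0;
    for (int data = 0; data < 16; data++)
        for (int mask = 1; mask < 256; mask++) {
            int w = 0; uint8_t out = 0;
            for (int b = 0; b < 8; b++) w += (mask >> b) & 1;
            if (w == nflips && out != data + 16 && /* out starts at 0 */
                secded_decode(secded_encode(data) ^ mask, &out)
                    != ECC_UNCORRECTABLE && out != data) n++;
        }
    return n;
}

int main(void) {
    for (int k = 1; k <= 4; k++)
        printf("%d flip(s): %d silent corruptions\n", k, silent_corruptions(k));
    return 0;
}
```

On systems with ECC memory, a rising count of corrected and uncorrectable errors is therefore worth monitoring rather than ignoring.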
Newer DDR5 DRAM modules are already available in the market, and adoption will pick up pace in the next couple of years.
In DDR5, Rowhammer may not be as much of a problem, as TRR is replaced by “refresh management,” a system that keeps track of activations in a bank and issues selective refreshes once a threshold is reached.
This means that scalable fuzzing on a DDR5 DRAM device would be a lot harder and possibly a lot less effective, but that remains to be seen.