|
You are here |
www.trailofbits.com | ||
| | | | |
blog.trailofbits.com
|
|
| | | | | By Alan Cao If you love exploit mitigations, you may have heard of a new system call named mseal landing into the Linux kernel's 6.10 release, providing a protection called "memory sealing." Beyond notes from the authors, very little information about this mitigation exists. In this blog post, we'll explain what this syscall is, including... | |
| | | | |
secret.club
|
|
| | | | | [AI summary] This text discusses advanced hypervisor-based techniques for stealth kernel introspection and function hooking using Extended Page Tables (EPT). It describes two Rust-based implementations: Illusion (UEFI-based hypervisor for early boot introspection) and Matrix (Windows kernel driver-based hypervisor using dual-EPT context switching). The text covers EPT shadowing, inline VMCALL detours, MTF single-stepping, and trampoline logic to redirect execution without modifying guest memory. It also addresses hypervisor detection methods, trade-offs between shared vs. per-core EPT models, and the broader implications for security research and exploitation. | |
| | | | |
googleprojectzero.blogspot.com
|
|
| | | | | Posted by Gal Beniamini, Project Zero Mobile devices are becoming an increasingly privacy-sensitive platform. Nowadays, devices process ... | |
| | | | |
blog.talosintelligence.com
|
|
| | | Cisco Talos is aware of the ongoing exploitation of CVE-2025-53770 and CVE-2025-53771 in the wild. These are path traversal vulnerabilities affecting SharePoint Server Subscription Edition, SharePoint Server 2016, and SharePoint Server 2019. | ||