随笔(二):全补丁下再次利用CPU漏洞攻破KASLR
author : https://weibo.com/jfpan
12月初微博提到微软RS4的内核修改,介绍了其KVA Shadowing方案消除了多种已知硬件边信道攻击,无意中成了当时尚未公开的meltdown CPU漏洞补丁的最早(
Aggregator
A Kernel Vulnerability Detection Framework based on Hardware
4 months 4 weeks ago
IceSword Lab
利用一个竞态漏洞root三星s8的方法
4 months 4 weeks ago
author : zjq(@spinlock2014) of IceSword Lab , Qihoo 360
IceSword Lab
开启Win10RS4ARM64远程内核调试之旅
4 months 4 weeks ago
IceSword Lab
TLB 缓存延迟刷新漏洞 CVE-2018-18281 解析
4 months 4 weeks ago
author: [email protected] of IceSword Lab , Qihoo 360
IceSword Lab
PTRACE_TRACEME 本地提权漏洞解析
4 months 4 weeks ago
author: Gengjia Chen ([email protected]) of IceSword Lab, qihoo 360
IceSword Lab
窥探有方——调试Released SGX Enclave
4 months 4 weeks ago
author : suezi(@suezi86) of IceSword Lab , Qihoo 360
Intel Software Guard
IceSword Lab
LoongArch 研究小记(一)
4 months 4 weeks ago
author: xiongxiao ([email protected]), jiayy (chengjia4574@
IceSword Lab
CVE-2021-22555漏洞分析
4 months 4 weeks ago
IceSword Lab
CVE-2021-4034 pkexec 本地提权漏洞利用解析
4 months 4 weeks ago
IceSword Lab
CVE-2022-23222 eBPF verifier 提权漏洞利用分析
4 months 4 weeks ago
IceSword Lab
Linux 内核利用技巧 Slab UAF to Page UAF
4 months 4 weeks ago
author: 熊潇 of IceSword Lab
本文研究了内核编译选项 CONFI
IceSword Lab
CVE-2022-1015 nf_tables 提权漏洞分析
4 months 4 weeks ago
author: 莫兴远 of IceSword Lab
IceSword Lab
Linux 内核利用技巧 Racing against the clock
4 months 4 weeks ago
author: 熊潇 of IceSword Lab
IceSword Lab
Google fixes actively exploited sandbox escape zero day in Chrome
4 months 4 weeks ago
Google发布Chrome安全更新修复六个漏洞,其中高危CVE-2025-6558已被利用,影响ANGLE和GPU组件,可能导致沙盒逃逸。建议用户尽快升级至最新版本以防范风险。
AVVERIFIER Outpaces Mythril and ETHBMC in Smart Contract Vulnerability Detection
4 months 4 weeks ago
本文介绍了一种名为AVVERIFIER的工具,用于检测以太坊智能合约中的地址验证漏洞。通过基准测试和真实世界合同分析,结果显示AVVERIFIER在效率和准确性上优于其他工具如Mythril、Ethainter和Jackal。
Weekoverzicht Defensieoperaties
4 months 4 weeks ago
Blaren doorprikken, drukverbanden aanleggen en spieren los masseren. Militair geneeskundig personeel bemant de medische posten langs de Vierdaagse-route. Want militairen doen niet alleen méé aan dit wandelfestijn. Een flink aantal is ook in touw om het deze collega’s, maar ook civiele lopers zo comfortabel mogelijk te maken. Een overzicht van Defensieoperaties in de week van 9 tot en met 15 juli 2025.
Cloudflare Blocks Record-Breaking 7.3 Tbps DDoS Attack
4 months 4 weeks ago
Cloudflare highlighted a huge rise in hyper-volumetric DDoS attacks in Q2 2025, with attackers seeking to overwhelm defenses
15分钟看1条告警,不能再多了
4 months 4 weeks ago
我去,态感就剩一条告警了
业务逻辑缺陷:白嫖东西而无需付款
4 months 4 weeks ago