#+HashtagPLUS
In

Menu

Post image 1
Post image 2
Post image 3
Post image 4
Post image 5
Post image 6
Post image 7
Post image 8
Post image 9
Post image 10
Post image 11
Post image 12
Post image 13
Post image 14
Post image 15
Post image 16
Post image 17
Post image 18
Post image 19
1 / 19
0

Cold Hard Cache — Bypassing RPC Interface Security with Cache Abuse

Akamai·Written by Ben Barnea and Stiv Kupchik October 11, 2022·about 1 month ago
#IjeD7Gw5
#wk#srv#hunt#separating#gt_15c89cb5#security
Reading 0:00
15s threshold

Blog Security Research Cold Hard Cache — Bypassing RPC Interface Security with Cache Abuse Ben Barnea is a Security Researcher at Akamai with interest and experience in conducting low-level security research and vulnerability research across various architectures, including Windows, Linux, IoT, and mobile. He enjoys learning how complex mechanisms work and, more important, how they fail. Stiv Kupchik is a Security Researcher Team Lead at Akamai. His research projects revolve around OS internals, vulnerability research, and malware analysis. He has presented his research at conferences such as Black Hat, Hexacon, and 44CON. In addition to being a cybersecurity professional, Stiv also has a BSc in physics. In this blog post, we will focus on the security callback mechanism of RPC servers, how it can be bypassed by caching, and how we automated our research to flag Windows services as potentially vulnerable.…

Continue reading — create a free account

Join HashtagPLUS to read full articles, follow hashtags, vote, and join the conversation.

Create free accountLog in
Read More