Researchers have found a design flaw in the branch predictor, a component of Intel’s Haswell processor, and have exploited it to bypass ASLR (Address Space Layout Randomization). What is ASLR? ASLR is a defense mechanism present in major operating systems and many applications, and protects systems from common attacks such as buffer overflow and return-oriented programming attacks. It does so by randomly arranging the address space positions of key data areas of a process in … More
Source: helpnetsecurity

Microsoft researchers Itay Grady and Tal Be’ery have released Net Cease, a PowerShell script that prevents attackers who have already compromised an endpoint from getting information about other targets within the same corporate network. The idea behind the script is to make attackers’ lateral movement on the network more difficult. Non-admin user gets access denied calling NetSess remotely after Net Cease was deployed on the target machine This type of reconnaissance can be performed by … More
Source: helpnetsecurity