Looking back at March 2015
· β˜• 1 min read
Looking back at March, probably the most important information security news has been discovery of a significant vulnerability (which could be exploited using a FREAK attack) in some TLS/SSL implementations, including the ones used by Windows operating systems. Another worth while news has been a discovery of a new campaign aimed at energy sector companies in the Middle East. Trojan Laizok - a reconnaissance malware for gathering information about infected systems - has been used in the campaign, along with other malicious programs which have been modified for specific systems based on the information gathered by Laizok.

Rowhammer - an attack which uses a weakness in DDR3 memory
· β˜• 1 min read
Researchers from Google’s Project Zero have released information about a new attack based on flipping bits in DDR3 memory. The attack uses approach called Rowhammer which was devised last year by a team from Carnegie Mellon University and Intel Labs. It is based on repeated writing to and reading from a part of memory in a very short time which causes flipping values of bits in adjacent memory (the flipping is made possible by interaction between adjacent memory cells caused by their close proximity).