For a while now, Android devices and many embedded systems have used a Trusted Execution Environment (TEE) to host some security functions (like hardware crypto/key, DRM, mobile payment, biometric authentication, ...). On ARM platforms, TEE are small operating systems which use the ARM TrustZone technology to isolate their execution from …
iOS 12 has been released for a few weeks now. New major iOS versions often mean new kernelcache and dyld_shared_cache file formats. iOS12 is no exception to the rule and comes with an other surprise: Pointer Authentication Code (PAC) for the new A12 chip. This blogpost shows you how to …
Synacktiv met netdata in the wild in the last few
months. This blog post aims at telling the story of a vulnerability which
was first forgotten 1 year ago and then partially fixed. On a standard setup,
the vulnerability can be exploited by gid
netdata to read arbitrary
files owned by
root. On a weak setup (as seen in the wild by Synacktiv),
the vulnerability can be exploited by all users.
On August 28th, HP published a security bulletin regarding a critical vulnerability in HP Integrated Lights-Out (iLO) 4. This blog post aims at giving some details about this vulnerability, and a few hints for administrators to protect their servers. This research only applies to iLO version 4.
Page 1 / 1