CVE-2015-2545 ITW EMET Evasion

Some time back, FireEye discovered a 0-day attack using the docx file format: "Two for One: Microsoft Office Encapsulated PostScript and Windows Privilege Escalation Zero-Days" and "The EPS Awakens". The CVE that caught my eye was CVE-2015-2545, when @PhysicalDrive0 tweeted the sample hash. Thinking the hash could possibly be related to the above report, I checked the sample....

Thu Feb 4, 2016 20:12
"POC or didn't happen" for AppCert Bypass

A little bit of context: The other day, a forum member from Wildersecurity.com commented on an EMET blog post of mine, basically claiming that his product, VoodooShield, is very good, etc. Following is an excerpt from his comment: "Hi, this is Dan from VoodooShield. If it really is that easy to bypass VS, it should not take you much time at all. I have been..."

Fri Oct 2, 2015 00:08
Defeating EMET 5.2 Protections (2)

Since my last post, I've thought maybe it's not bad to explain how bypassing EMET protections works rather than giving out a weaponized POC. So far EMET contains the following protections:
1. DEP
2. SEHOP (NA)
3. NULL Page (NA)
4. Heap Spray
5. EAF
6. EAF+ (NA)
7. ASLR
8. Bottom-up ASLR
9. LoadLibrary (NA)
10. memprot (NA)
11. Caller Check
12. SimExecFlow
13. Stack Pivot
14. ...

Sun Mar 22, 2015 16:01
Defeating EMET 5.2

Since my last post, I thought: if Malwarebytes Anti-Exploit can be bypassed in a targeted attack, why not work on bypassing EMET using ROP chains? But truth be told, EMET has tons of good protections which render a lot of methods useless, and this form of bypass was only possible because of my lack of focus/ability to find a combined loophole in all current exploit...

Sun Mar 22, 2015 16:01
Simple EMET EAF bypass

Recently I came across a few blog posts, circulated widely, claiming that they have bypassed EMET's EAF. Though not trivial, EAF is a very good protection which disallows position-independent code (shellcode) from getting executed in a process. Not only does EMET protect a browser from exploits but also from code injection from foreign processes looking...

Sun Mar 22, 2015 16:01
MBAE (Malware Bytes Anti Exploit) Disarm

Not very long ago, the security industry shifted from malware to exploits. Though the malware industry still dominates the market due to its sophistication and reach, exploits are nothing but the new sexy. Just like in the old days when antivirus vendors were starting up, exploit detection systems are increasing nowadays and malware enthusiasts are shifting towards this trend....

Sun Mar 22, 2015 16:01
