Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst Posted by Ivan Fratric, Google Project Zero Recently, one of the projects I was involved in had... 2024-11-22 01:53:0 | 阅读: 5 | 收藏 | Project Zero - googleprojectzero.blogspot.com tinyinst loader av1 harness userspace

From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code Posted by the Big Sleep team Introduction In our previous post, Project Naptime: Evaluating Off... 2024-11-1 23:12:0 | 阅读: 2 | 收藏 | Project Zero - googleprojectzero.blogspot.com icol sqlite3 rowid assertion

The Windows Registry Adventure #4: Hives and the registry layout Posted by Mateusz Jurczyk, Google Project Zero To a normal user or even a Win32 application de... 2024-10-26 01:30:0 | 阅读: 9 | 收藏 | Project Zero - googleprojectzero.blogspot.com hives windows machine security loaded

Effective Fuzzing: A Dav1d Case Study Guest post by Nick Galloway, Senior Security Engineer, 20% time on Project ZeroLate in 2023, whil... 2024-10-4 01:1:0 | 阅读: 5 | 收藏 | Project Zero - googleprojectzero.blogspot.com dav1d sf fuzzer tile memory

The Windows Registry Adventure #3: Learning resources Posted by Mateusz Jurczyk, Google Project Zero When tackling a ne... 2024-6-28 00:51:0 | 阅读: 7 | 收藏 | Project Zero - googleprojectzero.blogspot.com windows microsoft security dbgprintex kcb

Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models Posted by Sergei Glazunov and Mark Brand, Google Project Zero IntroductionAt Project Zero, we co... 2024-6-21 01:0:0 | 阅读: 14 | 收藏 | Project Zero - googleprojectzero.blogspot.com overflow xbe naptime buffer2 llms

Driving forward in Android drivers Posted by Seth Jenkins, Google Project ZeroIntroduction Android's open-source ecosystem has led... 2024-6-14 02:3:0 | 阅读: 11 | 收藏 | Project Zero - googleprojectzero.blogspot.com dma ge dmabuf drv hwid

The Windows Registry Adventure #2: A brief history of the feature Posted by Mateusz Jurczyk, Google Project Zero Before diving into the low-level security aspec... 2024-4-19 00:46:0 | 阅读: 3 | 收藏 | Project Zero - googleprojectzero.blogspot.com windows regedit regf security hives

The Windows Registry Adventure #1: Introduction and research results Posted by Mateusz Jurczyk, Google Project Zero In the 20-month period between May 2022 and Dec... 2024-4-19 00:45:0 | 阅读: 7 | 收藏 | Project Zero - googleprojectzero.blogspot.com windows memory security corruption hives

First handset with MTE on the market By Mark Brand, Google Project ZeroIntroduction It's finally time for me to fulfill a long-standi... 2023-11-4 01:4:0 | 阅读: 13 | 收藏 | Project Zero - googleprojectzero.blogspot.com mte memtag chrome shiba scudo

An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit By Ian Beer A graph representation of the sandbox escape NSExpression payload In April this y... 2023-10-13 18:47:0 | 阅读: 22 | 收藏 | Project Zero - googleprojectzero.blogspot.com unmap remote objc

Analyzing a Modern In-the-wild Android Exploit By Seth Jenkins, Project ZeroIntroductionIn December 2022, Google’s Threat Analysis Group (TAG) dis... 2023-9-20 00:1:0 | 阅读: 16 | 收藏 | Project Zero - googleprojectzero.blogspot.com snd ctl ashmem elem attacker

MTE As Implemented, Part 3: The Kernel By Mark Brand, Project ZeroBackground In 2018, in the v8.5a version of the ARM architecture, ARM... 2023-8-3 00:30:0 | 阅读: 20 | 收藏 | Project Zero - googleprojectzero.blogspot.com mte memory attacker tagging hardware

MTE As Implemented, Part 2: Mitigation Case Studies By Mark Brand, Project ZeroBackground In 2018, in the v8.5a version of the ARM architecture, ARM... 2023-8-3 00:30:0 | 阅读: 10 | 收藏 | Project Zero - googleprojectzero.blogspot.com bypass mte bypasses attacker memory

MTE As Implemented, Part 1: Implementation Testing By Mark Brand, Project ZeroBackground In 2018, in the v8.5a version of the ARM architecture, ARM... 2023-8-3 00:30:0 | 阅读: 13 | 收藏 | Project Zero - googleprojectzero.blogspot.com mte bypass memory software speculative

Summary: MTE As Implemented By Mark Brand, Project ZeroIn mid-2022, Project Zero was provided with access to pre-production h... 2023-8-3 00:30:0 | 阅读: 10 | 收藏 | Project Zero - googleprojectzero.blogspot.com mte memory corruption security approaches

Release of a Technical Report into Intel Trust Domain Extensions Today, members of Google Project Zero and Google Cloud are releasing a report on a security revie... 2023-4-25 00:27:0 | 阅读: 10 | 收藏 | Project Zero - googleprojectzero.blogspot.com tdx security cloud 4th

Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems Posted by Tim Willis, Project Zero Note: Until security updates are available, users who wish... 2023-3-17 02:7:0 | 阅读: 20 | 收藏 | Project Zero - googleprojectzero.blogspot.com baseband exynos remote samsung

Exploiting null-dereferences in the Linux kernel Posted by Seth Jenkins, Project Zero For a fair amount of time, null-deref bugs were a highly... 2023-1-20 01:33:0 | 阅读: 23 | 收藏 | Project Zero - googleprojectzero.blogspot.com refcount oops memory vma mmput

DER Entitlements: The (Brief) Return of the Psychic Paper Posted by Ivan Fratric, Project Zero Note: The vulnerability discussed here, CVE-2022-42855, w... 2023-1-13 00:59:0 | 阅读: 16 | 收藏 | Project Zero - googleprojectzero.blogspot.com entitlement collision utf8string