Writings on Security, Research, and Technology

Bypassing glibc Safe-Linking: CSAW 2021 Quals (word_games)

This post overviews and implements exploitation strategies that circumvent new safe-linking heap protections included in glibc-2.32+. Safe-linking shortcomings are demonstrated in the context of a binary exploitation Capture the Flag challenge submitted to New York University's CSAW 2021 Qualification competition. …

WINTERN 2020: Zombie Link Crawler

In this post, our intern Justin Mai documents his process of creating a scraper to find dead or "zombie" links. These are links whose domain has expired and can be registered again, potentially by an adversary who wants to redirect unsuspecting visitors to malicious sites. …

WINTERN 2020: IoT Firmware Analysis

A Retrospective on Modern Information Operations

In 2019, Margin Research gave a presentation at SummerCon in which we explored threats relating to social media astroturfing with the intent of conducting disinformation campaigns. We reviewed known attacks and presented our framework for studying disinformation campaigns. Since then, this field has developed considerably alongside our investigations into novel attack surfaces introduced by manipulating the social dynamic in digital spaces. …

The Risks of Huawei Risk Mitigation

While there is widespread agreement that Huawei devices in 5G infrastructure pose some risk to the U.S. and allied nations, the policy community—in particular the U.K.’s National Cyber Security Centre—has paid insufficient attention to the technical aspects. The discussion must examine not simply whether China would use this technology maliciously, but the specific threats that Huawei equipment could pose and the extent to which these threats can be mitigated. …

Out-of-Order Execution as a Cross-VM Side-Channel and Other Applications

Given the rise in popularity of cloud computing and platform-as-a-service, vulnerabilities in systems which share hardware have become more attractive targets to malicious actors. One of the vulnerabilities inherent to these systems is the potential for side-channels, especially ones that violate the isolation between virtual machines. …