14 Posts

Mark Yason

Security Researcher, IBM X-Force

Mark Vincent Yason is a security researcher on IBM’s X-Force Advanced Research team. Mark’s current focus area is vulnerability and exploit research – he analyzes known vulnerabilities, discovers new vulnerabilities, studies exploitation techniques, and creates detection guidance/algorithms which are used in the development of IDS/IPS signatures. He also previously worked on malware research which naturally involved some degree of software protection research. He authored the paper “The Art of Unpacking” and co-authored the papers “Reversing C++”, “Playing In The Reader X Sandbox” and “Digging Deep Into The Flash Sandboxes”.

Written By Mark Yason

Read From PDF, Write to Edge’s Memory (CVE-2016-0117)

CVE-2016-0117 can be exploited to perform an arbitrary write to Edge's content process memory, a critical element for remote code execution.

Understanding EdgeHTML’s Attack Surface and Exploit Mitigations

EdgeHTML's large attack surface can be daunting for users. Learn more about possible attacks as well as exploit mitigations that enhance security.

WinRT PDF: A Potential Route for Attacking Edge

Vulnerabilities in the WinRT PDF tool in the new Microsoft Edge browser could allow cybercriminals to carry out expensive exploits.

MemGC: Use-After-Free Exploit Mitigation in Edge and IE on Windows 10

When used effectively, MemGC could help reduce the number of use-after-free vulnerabilities that plague Edge and Internet Explorer in Windows.

Understanding Regin’s Plugin Framework: Part 2

In the second part of this two-part series, IBM's Mark Yason discusses in more depth the Regin plugin framework hosted in the dispatcher module.

Reviving the Regin Dispatcher Module: Part 1

After reviving the Regin dispatcher module, Mark Yason ended up with a malware sample that was suitable for both static and dynamic analysis.

CVE-2014-0195: Adventures in OpenSSL’s DTLS Fragmented Land

Here is a look at the remote code execution bug in OpenSSL's DTLS, how it works and the different ways cybercriminals might leverage it for exploitation.

Understanding IE’s New Exploit Mitigations: The Memory Protector and the Isolated Heap

In response to two attacks, new Internet Explorer exploit mitigations were released to increase the cost of exploiting IE use-after-free vulnerabilities.

A Peek into IE’s Enhanced Protected Mode Sandbox

IE 10 Enhanced Protected Mode (EPM) sandbox research that was presented at the Hack in the Box 2013 and Black Hat Asia 2014 security conferences. A summary of the findings, a discussion of the most important points, and related resources to find out more...

Diving Into IE 10’s Enhanced Protected Mode Sandbox at Black Hat Asia 2014

If you’re using Internet Explorer in immersive mode on Windows 8/8.1 to browse Internet web sites, then under the hood your browser is running inside the Enhanced Protected Mode sandbox. Enhanced Protected Mode (EPM) is the sandboxing mechanism...

Co-Written By Mark Yason