Browse Definitions :
Definition

memory dump attack

A memory dump attack is the capture and use of RAM content that was written to a storage drive during an unrecoverable error, which was typically triggered by the attacker.

Developers commonly use memory dumps to gather diagnostic information at the time of a crash to help them troubleshoot issues and learn more about the event. The information stored in RAM at the time of a crash contains the code that produced the error. Retention of this error and the environment it occurred in is the usual purpose of a dump. As these dumps can include anything in the computer’s active RAM, they can present privacy and security concerns.

Hackers access memory dumps to obtain otherwise protected data or information or to compromise the host computer and/or systems it connects to. If an attacker gains some code execution and read capacity, he can cause a memory dump through a buffer overflow error (for example) and the resulting dump could be read on reboot. When that data is stored on the drive, it can also present security risks if savvy hackers access it and find sensitive information, cleartext passwords or decryption keys that normally would not be easily accessible.

Memory dump attacks can be thwarted by a number of means:

  • Programs that use password hashes instead of storing clear text passwords.
  • Tokenization so that only representative data will be in memory and sensitive data is stored elsewhere.
  • .NET based applications can use SecureString and Data Protection to limit the time that passwords are available unencrypted.
  •  Some Microsoft and other operating systems allow for memory dumps that contain less information and may also make it possible to turn off memory dumps.

In the event that a memory dump is triggered, the safest response is to track down the program that caused it and check for signs of intrusion such as keyloggers and packetsniffers.

This was last updated in January 2017

Continue Reading About memory dump attack

SearchNetworking
SearchSecurity
  • man in the browser (MitB)

    Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is ...

  • Patch Tuesday

    Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system ...

  • parameter tampering

    Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's ...

SearchCIO
  • business resilience

    Business resilience is the ability an organization has to quickly adapt to disruptions while maintaining continuous business ...

  • chief procurement officer (CPO)

    The chief procurement officer, or CPO, leads an organization's procurement department and oversees the acquisitions of goods and ...

  • Lean Six Sigma

    Lean Six Sigma is a data-driven approach to improving efficiency, customer satisfaction and profits.

SearchHRSoftware
SearchCustomerExperience
  • clickstream data (clickstream analytics)

    Clickstream data and clickstream analytics are the processes involved in collecting, analyzing and reporting aggregate data about...

  • neuromarketing

    Neuromarketing is the study of how people's brains respond to advertising and other brand-related messages by scientifically ...

  • contextual marketing

    Contextual marketing is an online marketing strategy model in which people are served with targeted advertising based on their ...

Close