Create an Account
username: password:
 
  MemeStreams Logo

Security Reads's MemeStream

search

Security Reads
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Security Reads's topics
Arts
Business
Games
Health and Wellness
Home and Garden
(Miscellaneous)
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Current Topic: Miscellaneous

Black Hat Europe 2010 update � argp's blog
Topic: Miscellaneous 12:48 pm EDT, Aug  4, 2010

BSD Kernel Stack/Heap Exploitation

Black Hat Europe 2010 update � argp's blog


The REIL language – Part II « blog.zynamics.com
Topic: Miscellaneous 10:20 pm EDT, Jun 22, 2010

The REIL language – Part II
By Sebastian Porst

In the first part of this series I gave a brief overview of the REIL language (Reverse Engineering Intermediate Language), the intermediate language we use in our internal binary code analysis algorithms. I talked about the language in general and what motivated us to create it. In this second part I am going to talk about the REIL instruction set.

The REIL language – Part II « blog.zynamics.com


Banned APIs and Extending the Visual Studio 2010 Editor - The Security Development Lifecycle - Site Home - MSDN Blogs
Topic: Miscellaneous 10:04 am EDT, Jun 22, 2010

While working on /GS – and navigating the unfamiliar corridors of the Visual Studio buildings – I got talking to Boris Jabes, Program Manager Lead in the Visual Studio IDE team. He told me how they were making the IDE easier to extend in Visual Studio 2010.

Banned APIs and Extending the Visual Studio 2010 Editor - The Security Development Lifecycle - Site Home - MSDN Blogs


blog.zynamics.com
Topic: Miscellaneous 1:07 pm EDT, Jun 10, 2010

A brief analysis of a malicious PDF file which exploits this week’s Flash 0-day
2010/06/09 by Sebastian Porst

I spent the last two days with a friend of mine, Frank Boldewin of reconstructer.org, analyzing the Adobe Reader/Flash 0-day that’s being exploited in the wild this week. We had received a sample of a malicious PDF file which exploits the still unpatched vulnerability (MD5: 721601bdbec57cb103a9717eeef0bfca) and it turned out more interesting than we had expected. Here is what we found:

blog.zynamics.com


Tavis Strikes Again
Topic: Miscellaneous 1:06 pm EDT, Jun 10, 2010

Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ----------------------------------------------------------------------------

Help and Support Centre is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing help documents directly via URLs by installing a protocol handler for the scheme "hcp", a typical example is provided in the Windows XP Command Line Reference, available at http://technet.microsoft.com/en-us/library/bb490918.aspx.

Tavis Strikes Again


Official release of PDF Dissector 1.0 � blog.zynamics.com
Topic: Miscellaneous 11:00 am EDT, Jun  1, 2010

Official release of PDF Dissector 1.0
By Sebastian Porst

I have talked about PDF Dissector, our new tool for analyzing malicious PDF files, on this blog before. After a few weeks of beta testing we are releasing PDF Dissector 1.0 today.

Official release of PDF Dissector 1.0 � blog.zynamics.com


CLR Team Blog : Automatically Capturing a Dump When a Process Crashes
Topic: Miscellaneous 8:49 am EDT, May 25, 2010

Automatically Capturing a Dump When a Process Crashes

I recently received the following question from a customer:

“During our test runs (which might run for hours), if a process crashes, we’d like to create full memory dumps for later diagnosis. Can I configure the machine to do this automatically?”

CLR Team Blog : Automatically Capturing a Dump When a Process Crashes


Azimuth Security: The Chrome Sandbox Part 1 of 3: Overview
Topic: Miscellaneous 9:12 pm EDT, May 22, 2010

The Chrome Sandbox Part 1 of 3: Overview
posted by Mark @ 5/20/2010 08:26:00 PM

Earlier this year, CanSecWest hosted the popular "Pwn2Own" contest, whereby contestants attempt to exploit vulnerabilities they have discovered in popular software packages. The contest has a strong focus on web browsers, and this year, it didn't disappoint: all of the major web browsers were successfully compromised, with the notable exception of Google's Chrome. I believe Chrome's survival was largely due to its integrated sandbox, which aims to isolate the browser from being able to perform any potentially adverse operations on the system upon which it is running. I have been working with Google for the last several months on Chrome, with one of my major charges being a security review of the sandbox and its related components. Therefore, with Google's blessing, I thought I might take some time here to discuss the basic sandbox architecture, the attack surface, and present a few examples of vulnerabilities I uncovered during my time working on it.

Azimuth Security: The Chrome Sandbox Part 1 of 3: Overview


Security Research & Defense : CDD.dll vulnerability: Difficult to exploit
Topic: Miscellaneous 8:44 pm EDT, May 20, 2010

CDD.dll vulnerability: Difficult to exploit

Today we released security advisory 2028859 notifying customers of a vulnerability in cdd.dll. We wanted to share more information about the public disclosure, exploitability, attack vectors, and workarounds here to help you understand the risk posed by this publicly-disclosed vulnerability.

Security Research & Defense : CDD.dll vulnerability: Difficult to exploit


Errata Security: Technical details of the Street View WiFi payload controversy
Topic: Miscellaneous 8:41 pm EDT, May 20, 2010

Technical details of the Street View WiFi payload controversy
Posted by Robert Graham at 12:38 PM
The latest privacy controversy with Google is that while scanning for WiFi access-points in their Street View cars, they may have inadvertently captured data payloads containing private information (URLs, fragments of e-mails, and so on).

Errata Security: Technical details of the Street View WiFi payload controversy


<< 1 - 2 - 3 - 4 - 5 - 6 >> Older (First)
 
 
Powered By Industrial Memetics
RSS2.0