| |
|
TippingPoint | DVLabs | MOBOTS: WeatherFist Exposed |
|
|
|---|
| Topic: Miscellaneous |
10:51 am EST, Mar 11, 2010 |
MOBOTS: WeatherFist Exposed * By Daniel Tijerina
* Wed 10 Mar 2010 11:41am
* 266 Views
* 0 Comments
* Link Last week, San Francisco was kind enough to play host to the annual RSA Security Conference. As you may remember from Jason Avery's last post, several TippingPointers were on-hand for the festivities.
TippingPoint | DVLabs | MOBOTS: WeatherFist Exposed |
|
Hex blog: Preview of the new cross-platform IDA Pro GUI |
|
|
|---|
| Topic: Miscellaneous |
10:43 am EST, Mar 11, 2010 |
Preview of the new cross-platform IDA Pro GUI In order to provide our customers with the best user experience and in order to target many different platforms, the IDA Pro graphical user interface is currently being rewritten using the Qt technology.
Hex blog: Preview of the new cross-platform IDA Pro GUI |
|
Testing and Validation of Network Security Devices — BreakingPoint |
|
|
|---|
| Topic: Miscellaneous |
9:31 pm EST, Mar 10, 2010 |
2010-03-01
Testing and Validation of Network Security Devices While catching up on security news and blogs the other day, I came across a blog post from ICSA Labs entitled "Why a Test Lab Needs to be Wary of Commercial Exploit Packet Captures" and thought that it would be a good conversation starter to inform our readers about how BreakingPoint approaches developing test cases for security device testing, our methodology behind why we develop our test cases the way we do, and the thought processes and conclusions behind those decisions.
Pretty good overview of how BreakingPoint devices work. Testing and Validation of Network Security Devices — BreakingPoint |
|
VRT: APT: Should your panties be in a bunch, and how do you un-bunch them? |
|
|
|---|
| Topic: Miscellaneous |
5:08 pm EST, Mar 10, 2010 |
Tuesday, March 9, 2010
APT: Should your panties be in a bunch, and how do you un-bunch them?
There is no more predictable group of people than marketers. Once a term reaches a certain tipping point, they grab onto it for dear life and choke it until it means nothing. Apparently, the Advanced Persistent Threat (APT) hit that point somewhere around December. Despite the term being used by the defense industrial base for years, it wasn’t until this year that firms really started pounding the “Come to us my children, only we can save you from death by APT” drum.
I agree with the first portion re: marketing. The rest is kinda, blah. VRT: APT: Should your panties be in a bunch, and how do you un-bunch them? |
|
|
|---|
| Topic: Miscellaneous |
6:48 pm EST, Mar 8, 2010 |
The news was alive in January 2010 with talk of how Google was thinking of a new approach to China, possibly including to withdraw its business, after what was said to be a “highly sophisticated and targeted attack on our corporate infrastructure originating from China” in December 2009. Early technical analysis, including to publish that the attack exploits a vulnerability in Internet Explorer that had been unknown to the security industry, seems to have been in the hands of MacAfee, whose page Operation Aurora Hit Google, Others christens the attack and has George Kurtz effusing that “the world has changed” and that “everyone’s threat model now needs to be adapted to the new reality of these advanced persistent threats”.
Great IE Internals discussion of the Aurora bug Operation Aurora |
|
Confusion about Opera vulnerability - Blog - Blog & News - Company |
|
|
|---|
| Topic: Miscellaneous |
6:34 pm EST, Mar 8, 2010 |
The vulnerability was reported as an integer overflow when processing the "Content-Length" header and accompanied by a PoC that always crashed when copying memory due to an overly large size. Based on the provided PoC and report, it immediately seemed like the crash would always occur and executing code would not be possible.
Secunia gives you the straight dope. Confusion about Opera vulnerability - Blog - Blog & News - Company |
|
As Memory Protections Advance, Exploits Stay a Step Ahead | threatpost |
|
|
|---|
| Topic: Miscellaneous |
10:52 am EST, Mar 8, 2010 |
SAN FRANCISCO--Despite years of efforts by software security teams at major vendors to harden the operating systems and browsers that are the most common targets of attackers, exploitation of new as well as older vulnerabilities is still simpler than many people might think.
As Memory Protections Advance, Exploits Stay a Step Ahead | threatpost |
|
Microsoft BlueHat Blog : Parser Central: Microsoft .NET as a Security Component |
|
|
|---|
| Topic: Miscellaneous |
9:13 am EST, Mar 8, 2010 |
Thursday, March 04, 2010 7:44 AM BlueHat
Parser Central: Microsoft .NET as a Security Component During the past decade or so, a significant portion of the computer industry has set out in a quest for secure software. That this sizable force of smart people with all their resources and market power has not yet brought us a secure and safe computing experience, should be an indication that this task is not something you can just turn around and do.
Great guest-blog by FX. I couldn't agree more. Microsoft BlueHat Blog : Parser Central: Microsoft .NET as a Security Component |
|
