Tag Archives: Exploit Code / Malware

What will help significantly make Vista more secure

– Richard Bejtlich wrote an article at CSO magazine describing what will make a difference in Vista’s security. It should be noted that Memory Address Randomization will significantly help prevent the spread of attacks via exploits. It is a feature turned on by default. This was not mentioned…

Healthy Skepticism for “Year” of 0-day Oracle Bugs

– While I know that Cesar Cerrudo has shown proficiency at finding vulnerabilities. I worry when I read these two quotes next to each other on his website: We could do the Year of Oracle Database Bugs but we think a week is enough to show how flawed Oracle software is, also we don’t want to…

FUD, FUD and More FUD: ToorCon and Firefox Zero-day – Vulnerability Confusion Strikes Again!

– In August it was Apple, now it’s Mozilla/Firefox. The media reports (here and here) that two Toorcon researchers claim that Firefox is “critically flawed” and “impossible to patch.” The media also reports that “an attacker could commandeer a computer”,…

The Case for Full-Disclosure: When The Public Cannot Trust the Researchers, the Media or the Corporation

– There is major confusion about exactly what the Blackhat Apple wireless exploit represents. At various times it was reported that it was the flaw in the OS, the wireless driver shipped with the OS or a third-party wireless driver. The security researchers claim one thing, the press claims another…