Microsoft has been working on a tool called 'Nozzle' to prevent the exploitation of heap spraying attacks and released a whitepaper describing the process. From the whitepaper. "Heap spraying is a new security attack that significantly increases the exploitability of existing memory corruption errors in type-unsafe applications. With heap spraying, attackers leverage...
Symantec SQL Injected, Seeks Counseling
"The Romanian hacker who successfully broke into a web site owned by security vendor Kaspersky Lab has struck again, this time exposing shortcomings in a Symantec web server. The hacker, known only as Unu, said in a blog post today that he was able to access a server belonging to the security...
Firefox 3.6 locks out rogue add-ons
From computerworld "Mozilla will add a new lockdown feature to Firefox 3.6 that will prevent developers from sneaking add-ons into the program, the company said. The new feature, which Mozilla dubbed "component directory lockdown," will bar access to Firefox's "components" directory, where most of the browser's own code is stored. The company...
Article: Securely deploying cross-domain policy files
Peleus from Adobe's security team has published a blog entry on how to securely deploy flash crossdomain.xml files. If you're considering using flash on your site, or already are be sure to check out this article. Article: http://blogs.adobe.com/asset/2009/11/securely_deploying_cross-domai.html
Metasploit Framework 3.3 Released
The latest version of metasploit has been released. From the announcement "We are excited to announce the immediate availability of version 3.3 of the Metasploit Framework. This release includes 446 exploits, 216 auxiliary modules, and hundreds of payloads, including an in-memory VNC service and the Meterpreter. In addition, the Windows payloads now...
OWASP Issues 2010 Top 10 (RC1)
At AppsecDC OWASP published the latest version of its top ten list. From the Top Ten "OWASP plans to release the final public release of the OWASP Top 10 -2010during the first quarter of 2010 after a final, one-month public comment period ending December 31, 2009. This release of the OWASPTop 10...
Heading out to AppsecDC
I'll be heading out to AppSecDC to present Transparent Proxy Abuse on Thursday, so if you're attending and want to chat about appsec I'll be available after my talk. Here's a teaser of my presentation I'll be presenting a video demonstrating this abuse case against Squid and Mac OS X Parental Control...
TLS negotiation flaw published
Steve Dispensa and Marsh Ray have published a paper describing a weakness in the TLS negotiation process. This is the same attack discussed on the IETF TLS list. From the whitepaper "Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle...
Amazon EC2 cloud computing for password/crypto cracking
There is a rather lengthy set of posts on using cloud based computing services as ideal venues for crypto and password cracking. Link: http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html Link: http://news.electricalchemy.net/2009/10/password-cracking-in-cloud-part-5.html