In an attempt to bring our readers/listeners more technical content, the SecuraBit team has brought on a guest blogger to cover some of the current issues facing malware analysts/reverse engineers. Nick Jogie’s first post delves into rootkit analysis and explains in great detail how to detect rootkits when AV and perimeter security devices just aren’t enough. [...]
Archive for the ‘Guest Blogs’ Category
Windows 7 “XP Mode” Vulnerability
This past Thursday (3/18/10) Microsoft announced that it will be dropping the hardware acceleration requirement for using the “XP Mode” feature on Windows 7. XP Mode allows a user to run software which is not Windows 7 compatible in a virtualized instance of Windows XP on the same box. Previously, to use this feature in [...]
Vulnerability Roundup
Well, it isn’t Patch Tuesday yet, but that doesn’t mean there isn’t Microsoft news. A new 0-day has been found which exploits the help system in IE and older versions of Windows (2000, XP, 2003). I’ve included a few links with information about the vulnerability and mitigation steps. It appears a patch for this (and [...]
Open Source Android Forensics
With more and more people using mobile devices, there’s a growing need to examine these devices forensically. While there are commercial tools available, it only makes sense that there should be open source tools to use for it as well. To that end Andrew Hoog of viaForensics has announced the first release of their Android [...]
Vulnerability Roundup
Another week, another Adobe security problem, this time in Adobe’s Download Manager. The Adobe Download Manager (DLM) used to download updates from Adobe’s site, but Aviv Raff discovered a vulnerability which would force the Download Manager to download a file of an attacker’s choosing. DLM is supposed to remove itself from a system after a [...]
Vulnerability Roundup
While they were absent from last week’s roundup, Adobe has returned with advisories in 3 of their products, not surprisingly Flash and Reader, and also BlazeDS which is included in some of their server offerings. The Flash and Reader vulnerabilities share a CVE (CVE-2010-0186) which can allow an attacker to subvert domain sandboxing. The Reader [...]
Vulnerability Roundup
So last month’s Patch Tuesday was pretty quiet on the Microsoft front. Not so lucky this month with a total of 13 bulletins, 5 critical, 7 important. And one for MS Paint. That’s right, Paint. Looks like I’ll have to put down the little spray paint tool for a bit. The others include patches for [...]
Adobe JavaScript Blacklisting
The JavaScript implementations in Adobe Reader and Acrobat have been a sore spot for Adobe (as well as administrators) for a while now. To help make the world a safer place, Adobe has added a feature to Reader (versions 9.2 and 8.1.7) to allow administrators to blacklist certain functions in the JavaScript API. Many times [...]
Vulnerability Roundup
Another week, another Adobe advisory. This time, it’s not Reader, but ColdFusion 9, which shipped with a service someone forgot to lock down to the localhost, which would allow an attacker to view system information as well as mess with search indexes. Two advisories from Cisco as well this week, covering two different products and [...]
Vulnerability Roundup
Well, it looks like all the big boys are here. Microsoft, Google, Adobe, Cisco, and ISC’s BIND all make this week’s roundup. As mentioned in last week’s roundup, Microsoft released an out-of-band update for vulnerabilities related to the attacks on Google, Adobe and others. Speaking of Google and Adobe, Chrome 4 Stable has been released, [...]







