logo

using

| Posted by Avatar Staff 904 days ago
Via: http://www.uninformed.org | Tags: improving software security analysis using exploitation properties comments Discuss  
Reliable exploitation of security vulnerabilities has continued to become more difficult as formidable mitigations have been established and are now included by default with most modern operating systems. Future exploitation of software vulnerabilities will rely on either discovering ways to circumvent these mitigations or uncovering flaws that are not adequately protected. Since the majority of the mitigations that exist today lack universal bypass techniques, it has become more fruitful to take the latte read more »
addto Add this link to... report Bury 
| Posted by Avatar Staff 904 days ago
Via: http://uninformed.org | Tags: postexploitation on windows using activex controls comments Discuss  
When exploiting software vulnerabilities it is sometimes impossible to build direct communication channels between a target machine and an attacker's machine due to restrictive outbound ... read more »
addto Add this link to... report Bury 
| Posted by Avatar Staff 656 days ago
Via: http://www.uninformed.org | Tags: using dualmappings evade automated unpackers comments Discuss  
Automated unpackers such as Renovo, Saffron, and Pandora's Bochs attempt to dynamically unpack executables by detecting the execution of code from regions of virtual memory that have been written to. While this is an elegant method of detecting dynamic code execution, it is possible to evade these unpackers by dual-mapping physical pages to two distinct virtual address regions where one region is used as an editable mapping and the second region is used as an executable mapping. In this way, the editable read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 479 days ago
Via: http://feeds.ziffdavisenterprise.com | Tags: using facebook social engineer security comments Discuss  
A penetration test by Netragard at an energy company highlights how hackers can use Facebook, LinkedIn and other social networking sites as part of phishing schemes. In the test, Netragard used social engineering to get its hands on information that could have been used to compromise critical systems at the company. Addressing this security issue means having smart policies about what employees can and cannot do on the Web. - The most important part of an attack isn't always a vulnerability; sometimesit read more »
addto Add this link to... report Bury 
Category: news | Posted by Avatar Staff 81 days ago
Via: http://go.theregister.com | Tags: using systems management tools security comments Discuss  
Chisel or sharpened screwdriver?Workshop Every IT professional recognises the importance of securing the IT systems that are now at the heart of many business processes. This recognition goes beyond simple deployment of security technologies.… read more »
addto Add this link to... report Bury 


Copyright 2005-2008 Best of Security