Tag: IBM X-Force Research

Taking on a Zero Day with Intelligence

The situation described here does not come from the ivory tower; instead it comes from the real world and shows how to rapidly and efficiently address a zero-day vulnerability. You are probably already overwhelmed with patching. Alternatively, you...

Subverting BIND's SRTT Algorithm: Derandomizing NS Selection

New vulnerability found in BIND, the most popular DNS server. Exploiting this vulnerability allows to reduce the amount of effort required for an off-path (blind) DNS cache poisoning attack. This blog post describes the vulnerability in a less...