Tag: Vulnerabilities

Taking on a Zero Day with Intelligence

The situation described here does not come from the ivory tower; instead it comes from the real world and shows how to rapidly and efficiently address a zero-day vulnerability. You are probably already overwhelmed with patching. Alternatively, you...

Android 4.3 is Here! What Does it Mean for Security?

Let's take a few minutes to examine the changes Android 4.3 Jelly Bean introduces from a security perspective. While ultimately, the specific nature of the Android 4.3 Jelly Bean firmware image from the device manufacturer...

Subverting BIND's SRTT Algorithm: Derandomizing NS Selection

New vulnerability found in BIND, the most popular DNS server. Exploiting this vulnerability allows to reduce the amount of effort required for an off-path (blind) DNS cache poisoning attack. This blog post describes the vulnerability in a less...

First Steps to Securing Your Software

Application security matters. Most executives get this at a high-level -- they've read enough of those bold headlines, they know they need to do something about “application security” but, unless that executive started out life on a development...

The 3 Most Frustrating Challenges IT Security Teams Face

So you're the guy or gal charged with keeping the network environment safe, eh? And you're looking for help weeding through the torrents of threat information coming your way. What are your biggest sources of frustration when it comes to protecting...