Michal drops the other shoe
Core CTO Ivan Arce offers his reaction to some of the newest ideas around secure development proposed by longtime industry colleague Michal Zalewski, taking a deeper look at how and why we look at IT...
View ArticleA Tale of WebEx Vulnerabilities and Forgotten Valentines Cards
I wouldn’t describe myself as a hoarder, but I am generally quite reluctant to throw things away. That old floppy disk on my shelf is a nostalgic reminder of how long it would take to install Windows...
View ArticleA Tale of Two Advisories
For better or for worse, I don’t think there is anyone in the security field today that doesn’t understand the value of security researchers, and their work to discover vulnerabilities within...
View ArticleWhat’s Up Adobe?
Last week, Brad Arkin from Adobe urged security researchers to consider focusing on defensive strategies for stopping attacks, rather than just on finding new offensive attacks. It does not make any...
View ArticleApplying Security Intelligence to Patch Management
Last week as Patch Tuesday (which was today) approached, I wondered about the efforts of admins everywhere to understand, test and then apply those patches that are applicable for their environment. I...
View ArticleImportantly Critical
Looking at the Microsoft Security Bulletin for May 2012 just issued this afternoon I suspect we will see a lot of noise regarding Bulletins 1, 2 and 3. However, it would be dangerous for IT...
View ArticleThe Big Trick Behind Exploit MS12-034
My name is Nicolas Economou and I am a senior member on the Exploit Writing Team here at CORE Labs – specializing in Windows kernel exploitation – where we work tirelessly to discover vulnerabilities...
View ArticleDown To The CORE: MAY 2012 IMPACT Update
You would have thought that after releasing Impact v12.3 and all the great new features and capabilities we would have taken a bit of a rest. However, patch Tuesday and other events kept occurring...
View ArticleSAP Netweaver Message Server Security Advisory
As part of our daily research tasks in CORE’s Security Consulting Services, we strive to continuously improve our knowledge of specific technologies and attack methods. In alignment with previously...
View Article
More Pages to Explore .....