Tuesday, July 29, 2008

What is ASLR?

What is ASLR?
Windows Vista includes a variety of security features not found in previous operating systems such as Windows XP. One of these features is ASLR. ASLR is like a shell game...

Microsoft Worldwide Partner Conference
This week Microsoft, and every company that is a partner of Microsoft, have descended upon Houston. Thankfully, I live here so I didn't have to travel far. I get to...

No Critical Security Bulletins for July
For July, Microsoft released only 4 new Security Bulletins and none of them were Critical. Actually, all 4 were rated as Important, which typically means they are serious, but that...

GPS Units Help Thieves Find Jackpot
When you go out shopping, or to a baseball game, or wherever, odds are fair that you lock your car doors when you leave. You probably want to protect your...

Microsoft Windows DirectX SAMI Code Execution
Microsoft Windows DirectX could allow a remote attacker to execute arbitrary code on the system.

Automated SQL Injection Attacks
Over the past few months, IBM X-Force has seen an escalation of SQL injection and other web-related attacks.  In the past few weeks, these attacks have culminated into  automated SQL injection attacks that, in some cases, have systematically defaced websites. As of July 24, IBM MSS has continued to monitor escalating attack attempts. Although most exploitation had been focused on ASP (primarily fueled by the Asprox botnet and Chinese sources), recent exploitation has turned to attacks specific to ColdFusion from sources that appear to be mostly Russian.

Laptop Searches Legal?
At some point, the United States Customs and Border Patrol decided that the current administration's blatant disregard for the Constitution of the United States trickles down to them as well...

Microsoft Dynamics GP Multiple (4) Buffer Overflows
The Microsoft Dynamics GP is vulnerable to four heap and stack-based buffer overflows. A remote attacker could overflow the buffer and execute arbitrary code or gain control of the affected system by sending malicious queries to the Distributed Process Server or Distributed Process Manager.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)