SEARCH RESULTS
 
Showing 1-10 of 121 records
 
Expand article

How a Classic Man-in-the-Middle Attack Saved Colombian Hostages

2008-07-10 01:00:00 by Bruce Schneier in Wired Security
 
...attacker inserts himself between two communicating parties. Both believe they're talking to each other, and the attacker can delete or modify the communications at will. The Wall Street Journal reported how this gambit played out in Colombia The plan had a chance of working because, for months, in an operation one army officer likened to a...
 
Tags: implement mitm attacks, implement, mitm attacks, mitm, attack, mitm attack, bank, bank demands authentication, bank assumes
 
 
 
 
Expand article

Man-in-the-Middle Attacks

2008-07-15 06:47:19 by schneier in Schneier on Security
 
...attacker inserts himself between two communicating parties. Both believe they're talking to each other, and the attacker can delete or modify the communications at will The Wall Street Journal reported how this gambit played out in Colombia : "The plan had a chance of working because, for months, in an operation one army officer likened to a...
 
Tags: implement mitm attacks, implement, mitm attacks, mitm, mitm attack, bank, bank demands authentication, bank assumes, attacker inserts
 
 
 
 
Expand article

On virtualisation

2007-05-29 16:20:00 by Niels Provos in Google Online Security Blog
 
...attacker. As with any complex application, it would be naive to think such a large codebase could be written without some serious bugs creeping in. If any of those bugs are exploitable, attackers restricted to the guest could potentially break out onto the host machine. I investigated this topic earlier this year, and presented a paper at...
 
Tags: machine, virtual machine process, virtual machine software, host machine, host, software, virtual machine, low, low level access
 
 
 
 
Expand article

Giving SQL Injection the Respect it Deserves

2008-05-15 18:45:00 by sdl in The Security Development Lifecycle
 
...attacker to execute an arbitrary query through the application. This vulnerability allows for unauthorized, interactive, logon to a SQL server which may result in the execution of malicious commands leading to the possible modification (or deletion) of Operating System or user data Combining the use of parameterized queries and stored...
 
Tags: sql, sql injection bug, sql injection requirements, sql injection attack, sql server, sql execute-only permission, malicious sql payload, sql injection, sql injection vulnerability
 
 
 
 
Expand article

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle
 
...attacker, or an attacker can provide a maliciously modified USB stick in place of a legitimate one, the attacker could surreptitiously take complete control over the WinEDS client . Basically, this is a potential rootkit for election systems. A threat model, a fundamental design requirement of the SDL, could help uncover such design issues...
 
Tags: machine security concerns, security concerns, election systems, election, security, security researchers, election systems margin, margin, election management system
 
 
 
 
Expand article

Cold Boot Attacks Against Disk Encryption

2008-02-21 13:29:18 by schneier in Schneier on Security
 
...attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system Interestingly, if you cool the DRAM chips, for example by spraying inverted cans of canned air dusting spray on them, the chips will retain their contents for much longer. At these temperatures (around -50 C) you can remove the...
 
Tags: main memory chips, memory, todays dram memories, dram, dram contents, memory contents, disk encryption, hard, hard disk contents
 
 
 
 
Expand article

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...attacker can inject malicious scripts to perform unauthorized actions in the context of the victim's web session. Any web application that serves documents that include data from untrusted sources could be vulnerable to XSS if the untrusted data is not appropriately sanitized. A web application that is vulnerable to XSS can be exploited in...
 
Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check
 
 
 
 
Expand article

Squirreling Backdoors Into Distribution Points

2007-12-19 22:16:35 by Chris Eng in Zero in a bit
 
...attacker controls SM PATH, its likely that a subsequent call to include() can be exploited to fetch and execute PHP code from a remote server. This is a typical example of a Remote File Include vulnerability Note that the attacker backdoored the 1.5.1 distribution as well, with the same type of vulnerability but at a different location in the...
 
Tags: md5 collisions, md5, md5 hashes, distribution, php, execute php code, execute, code, md5 unsafe
 
 
 
 
Expand article

What do the Cold Boot Crypto Attack, DVD Players, and MiFare tell us about the Future of Biometrics?

2008-03-26 00:16:43 by Erik T. Heidt in Art of Information Security
 
...attacker (Perhaps after you authenticate your legitimate purchase the clerk desires to use your identity herself). In the history of security controls, when the attacker has unsupervised at-will physical access, the attacker wins. Here are a few examples Defeated copy protection on DVDs ( more & more info Cold Boot Crypto Attack on hard disk...
 
Tags: biometric authentication, biometric authentication infrastructure, biometric authentication challenge, tamper-proof biometric authentication, authentication, authentication device, mifare, tamper, biometrics
 
 
 
 
Expand article

Designing Processors to Support Hacking