SecurityRatty: tag: automatic

Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications

2008-04-28 15:41:41 by Editor in Help Net Security - Articles

The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P', automatically generate an exploit for the potentially unknown vulnerability present

Tags: exploit generation, exploit, unknown vulnerability, automatic, program, version

SQL Injection Attacks Against Automatic License Plate Scanners

2008-04-29 15:21:34 by schneier in Schneier on Security

This picture is almost certainly Photoshopped, and a joke, but it's certainly a clever idea. As automatic license plate scanners become more common, why not get a SQL injection attack as a plate Reminds me of this xkcd cartoon

Tags: automatic license, sql injection attack, xkcd cartoon, scanners, clever idea, common, joke, reminds, picture

Making a file with an automatic key in iSeries with DDS keyword

2008-05-09 12:42:32 by Kent Milligan in WhatIs: Enterprise IT tips and expert advice

If you want to create an automatic key using a DDS keyword on AS/400, Kent Milligan explains that any native writes performed against an SQL table created with an identity table will result in DB2 generating identity values

Tags: dds keyword, automatic key, kent milligan explains, native writes, sql table, identity table, identity values, db2, as400

Malware and Office Documents Joining Forces

2008-07-14 11:20:34 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...Automatic translation of its description and core features The program represents a generator OfficeJoiner macros in the language Visual Basic for Application (VBA), for introduction in the document Microsoft Office Word / Microsoft Office Excel executable file (win32 exe), followed by fully automatic recovery and launch, without any...

Tags: document, document macros, support, enable support, macro, macro viruses, support vba macros, exe-file, extract exe-file

Supporting your family, friends, and neighbors

2008-02-13 17:45:40 by Steve Riley in Steve Riley on Security

...automatic update client is running whenever you visit your FFN. This feature exists for them and minimizes the amount of work you need to do. Let Microsoft take care of patch management for your FFNoutsource it to us by making sure that all computers are downloading and installing updates automatically Simply using a firewall and installing...

Tags: suspicious e-mail message, mail, home computers defense, home computers, e-mail, home, web mail, windows live mail, site

Introducing Google's online security efforts

2007-05-21 09:43:00 by A Googler in Google Online Security Blog

...automatic updates for your operating system as well your browsers, browser plugins and other applications you are using. Automatic updates ensure that your computer receives the latest security patches as they are published. We also recommend that you run an anti-virus engine that checks network traffic and files on your computer for known...

Tags: activity, malware activity, web servers, servers, malware, anti- malware effort, malware distribution servers, sites, web sites

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle

...automatic triaging our fuzz testing tools perform. In this post, I'd like to shed some light on how we monitor for program failures when fuzzing parsers and how the recent animated cursor bug, MS07-017 caused us to revisit and ultimately improve our fuzzing tools Background For our purposes, fuzz testing is a method for finding program...

Tags: chance exceptions, exceptions, exception handler, exception, divide-by-zero exception, exception code, triage process, process, first-chance exceptions

Wrapping up Threat Modeling

2008-02-14 22:51:35 by sdl in The Security Development Lifecycle

...automatic, because theres a whole set of tasks you can ignore while the automatic transmission handles them for you. In my approach, this relates pretty closely to the concept of flow. If youre so focused on rules and jargon, you cant focus on what you should be building. Cool, well-designed features to help your customers In Conclusion We...

Tags: threat, threat modelers, threat models, threat model, design, design specification, specification, set, challenges set people

Binary Analysis Seminar At UC Berkeley

2008-02-01 14:50:21 by Chris Wysopal in Zero in a bit

...automatically extracting security related properties from them. In particular, I will describe the two central research directions of BitBlaze: (1) the design and development of the underlying BitBlaze Binary Analysis Platform, and (2) applying the BitBlaze Binary Analysis Platform to addressing real-world security problems, including...

Tags: binary, binary analysis, binary-centric approach, seminar, security, real-world security, computer security, bitblaze project, dawn song

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo