SEARCH RESULTS
 
Showing 1-10 of 64 records
 
Expand article

Anti-Debugging Series - Part III

2009-01-07 20:54:48 by Tyler Shields in Zero in a bit
 
...documentation there are four documented values for this parameter ProcessBasicInformation (0), ProcessDebugPort (7), ProcessWow64Information (26), and ProcessImageFileName (27). There are other undocumented values that can be passed in, some of which allow for interesting anti-debugging techniques, however we will focus on the...
 
Tags: api based, api, api calls, function, function call takes, pointer, function pointer, call, function prototype
 
 
 
 
Expand article

Microsoft SDL Process in detail

2008-04-09 19:13:00 by sdl in The Security Development Lifecycle
 
...documentation on the Microsoft Security Development Lifecycle, version 3.2 is for illustrative purposes only. This documentation is not an exhaustive reference on the SDL process as practiced at Microsoft. Additional assurance work may be performed by product teams (but not necessarily documented) at their discretion. As a result, this...
 
Tags: sdl, microsoft sdl, sdl process, microsoft, sdl guidance, guidance, secure, secure software development, development
 
 
 
 
Expand article

Giving SQL Injection the Respect it Deserves

2008-05-15 18:45:00 by sdl in The Security Development Lifecycle
 
...documentation Applications accessing a database must do so only using parameterized queries Creating dynamic queries using string concatenation potentially allows an attacker to execute an arbitrary query through the application. This vulnerability allows for unauthorized, interactive, logon to a SQL server which may result in the execution...
 
Tags: sql, sql injection bug, sql injection requirements, sql injection attack, sql server, sql execute-only permission, malicious sql payload, sql injection, sql injection vulnerability
 
 
 
 
Expand article

Logging Poll #8 Analysis: Needed Log Context

The Article has images
2008-06-03 08:38:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...documentation never hurts :-) - indeed, the most popular information to look for when facing a new log record is documentation on what it means. While some software vendors are great in this regard, many other don't bother documenting their logs or document them only when customers complain Second , I was not sure that the second popular...
 
Tags: log, recent log entry, strange log entry, log time stamps, log record, heavy log, log entry, complement logs, logs
 
 
 
 
Expand article

Is Your Amazon Machine Image Vulnerable to SSH Spoofing Attacks?

The Article has images
2008-07-14 16:26:40 by Craig Balding in Cloud Security
...documentation was revised to reflect the change as follows Amazon EC2 public AMI s ( Amazon Machine Image ) generate unique SSH ( Secure Shell ) host keys each time you launch an instance. This enables you to get the host SSH keys from the console output and verify the host to which you are connecting Important note: SSH host keys enable...
 
Tags: ssh, limit ssh access, ssh host keys, host keys, ssh user keys, amazon, host ssh keys, amazon machine image, initial ssh connection
 
 
 
 
Expand article

When is 4 out of 5 stars is not 4 out of 5 stars or do I have a car for you!

The Article has images
2008-07-21 23:47:46 by HASH0x8b76ffc in StillSecure, After All These Years
...documentation and a 3 star rating in support. In contrast StillSecure Safe Access received 5 stars across the board, except for a 4 star grade in documentation. How both products finish up with a 4 star rating overall based upon this is frankly baffling to me. I think it has more to do with the reviewer not wanting to spank any of the...
 
Tags: car, master car salesman, car salesman, car sales guys, nac device, star, star grade, nac, products
 
 
 
 
Expand article

When is 4 out of 5 stars not 4 out of 5 stars or do I have a car for you!

The Article has images
2008-07-21 22:55:10 by ashimmy in StillSecure, After All These Years
...documentation and a 3 star rating in support. In contrast StillSecure Safe Access received 5 stars across the board, except for a 4 star grade in documentation. How both products finish up with a 4 star rating overall based upon this is frankly baffling to me. I think it has more to do with the reviewer not wanting to spank any of the...
 
Tags: car, master car salesman, car salesman, car sales guys, star, star grade, nac device, review, nac
 
 
 
 
Expand article

OWASP European Summit - Portugal

2008-10-15 18:27:22 by Tim Bass in The Complex Event Processing Blog
 
...documentation projects, and web application security trends. Join us in Portugal in just a few short weeks! This venue hosts a diverse selection of training courses along with technical and business tracks, making it THE place to learn about web application security and the resources OWASP has available for use today OWASP is a not-for-profit...
 
Tags: summit, documentation, owasp documentation projects, projects, owasp, owasp tools projects, owasp tools, owasp summit website, owasp projects
 
 
 
 
Expand article

10,501 USAF members informed of missing laptop

The Article has images
2008-01-01 00:15:46 by Evan Francen in The Breach Blog
...Documentation Evan] What kind of historical documentation requires Social Security numbers be taken home on a laptop Victim Reaction from J.J. Evans, a 24 year USAF veteran When you trust someone with that, you expect better When someone gets a hold of a computer, they can wreck things It's in the best interests of businesses and the...
 
Tags: sensitive personal information, personal information, air force, air force base, laptop, personal information home, usaf band, air force officials, band