Expert analysis
Apache Prefork MPM Vulnerabilities
This case study is a result of source code analysis of Apache httpd server MPM modules. The main goal of this document is to show what may be done by an attacker who has the …
Taking Ownership of the Trusted Platform Module Chip on Intel Macs
I have been following the works of Trusted Computing Group (TCG) since their inception. The body, successor to the Trusted Computing Platform Alliance started by such giants …
Cisco IOS Exploitation Techniques
It’s been almost two years since Michael Lynn first demonstrated a reliable code execution exploit on Cisco IOS at Black Hat 2005. Although his presentation received a …
The State of Database Security
Ted Julian is the VP of Marketing and Strategy at Application Security Inc. In this video he discusses the current state of database security and offers some insight on what …
Firefox Security and Privacy Extensions
In the last few years Firefox gained a massive support from surfers worldwide. This is mainly because Internet Explorer, still the biggest player on the market, has proved to …
U3 USB Stick (In-)Security
USB sticks are THE Trend. They combine memory space and high data rates, they are small, lightweight, and are rewritable thousand times. New USB sticks often come with U3 …
Create Password Protected PDF Files On Your Mac
In the office I often use different word processors and text writing software applications. The majority of my output files are generated by the nifty (especially for a long …
The Exploit Development Process
Alexander Sotirov is a Vulnerability Researcher at Determina Inc. In this video, made at Black Hat Europe, he discusses on a general note how exploit writers develop exploits.
Lock Down Your Mac with DoorStop X
When it comes to security, Mac OS X has proved on numerous occasions that it is quite safe, right out of the box. However, that doesn’t mean it cannot use additional …
Interview with Joanna Rutkowska, security researcher
Joanna Rutkowska is primarily known for her contributions to Windows Vista backdoor installation and hiding techniques. She is very interested in stealth technology as used by …
Counting the Cost of Cyber Crime
It has been a busy month in cyberspace. TJX, the massive worldwide fashion retailer, is finally releasing some of the gory details of the recent hack which saw over 45 million …
Secure File Upload in PHP Web Applications
Various web applications allow users to upload files. Web forums let users upload avatars. Photo galleries let users upload pictures. Social networking web sites may allow …