Posted by Chris Eng in RESEARCH, May 31, 2007
Software flaws have become serious vulnerabilities for companies today, as security measures along the perimeter have become much better. And it’s not just the flaws in enterprise and ISV code — even code written by major antivirus companies can be at risk. F-Secure just posted a couple of security bulletins around vulnerabilities in their antivirus products. Of particular interest is a buffer overflow in handling LHA archives. Successful exploitation would allow an attacker to execute arbitrary code on the system with elevated privileges.
File format vulnerabilities are nothing new but they are certainly becoming more prevalent, often …
Posted by Mike VanEmmerik in RESEARCH, May 31, 2007
Analysis of binary files without access to the source code has become more prevalent over the last five years or so. Of course Java decompilers have been around almost as long as Java itself, but that’s not machine code. I’m talking about analysis of native machine code (x86 or PowerPC instructions), and not of object code (.o or .obj files), which has relocation and symbol information in it. In other words, the actual programs that run on real computers.
The University of Wisconsin has had its Codesurfer/x86 project since about 2003. It uses a combination of disassembly and custom static …
Posted by John Jacott in RESEARCH, May 24, 2007
Identity theft and the huge TJX breach have brought information technology and security to the forefront, and now the states of Texas and Massachusetts are contemplating bills that would hold corporations financially responsible for security breaches.
Computerworld’s article states that “Texas mulls bill that would make PCI requirements a state law”. According to the article, Texas Bill HB 3222 passed the House of Representatives 139-0. It should prove interesting to see what the Texas Senate and Governor Rick Perry have to say about this. Is this really the right move …
Posted by Chris Eng in RESEARCH, May 13, 2007
Network World recently published an article entitled Cisco says FTP feature in IOS is a hacker backdoor. The opening paragraph reads as follows:
Cisco says a flaw in the FTP server utility in its IOS router/switch software could be used as a backdoor by attackers.
Do you see the discrepancy? The opening statement is inconsistent with the title of the article. Are they saying that the flaw could be used as a backdoor, or that the flaw itself is a backdoor?
Any vulnerability that is remote, pre-authentication, and trivial to exploit could be used as a backdoor …
Posted by Chris Eng in RESEARCH, May 9, 2007
[Allow me to introduce Mike VanEmmerik. Mike is one of our engineers, who works closely with Christien Rioux and others on Veracode's analysis engine. Those of you who follow the decompilation community probably recognize his name. We'll have a full bio posted for him soon, and he will be a regular contributor to this blog.]
It Couldn’t Happen To Us!
by Mike VanEmmerik
Surely this was what was going through the minds of the security staff of retailer TJX when they decided that WEP wireless security was “good enough”. One thing they most certainly were not envisaging was a group …
Posted by Chris Eng in RESEARCH, May 4, 2007
I never actually posted the rest of my notes from CanSecWest. At this point, I’d be leaning towards leaving it at that, but since I’ve had a couple requests to finish up, I’ll oblige, providing I can still remember the salient points. So without further ado, CanSecWest Day 3:
Andrea Barisani and Daniele Bianco from Inverse Path gave an informative and entertaining presentation on Unusual Car Navigation Tricks in which they explained how RDS-TMC traffic messages could be easily forged to create “events” that would then be received and displayed by TMC-capable GPS devices. Normally TMC is …