CSO : Common Sense Operator/Operations
As the CSO/CISO/person responsible for Information Security, your job is to… well … do you even know? Does upper management know? “Our crappy CSO …” and “Our stupid CSO …” are statements commonly used by various (techie) people, throwing their hands up in despair, attempting to prove that their CSO doesn’t understand technology and has […]
On CVE-2014-1770 / ZDI-14-140 : Internet Explorer 8 "0day"
Hi all, I have received a ton of questions regarding a recently published ZDI advisory, which provides some details about a bug I discovered and reported to Microsoft (via ZDI), affecting Internet Explorer 8. I wanted to take a few moments to clarify some of the confusion and answer some of the questions in this […]
DEPS – Precise Heap Spray on Firefox and IE10
Introduction Last week, while doing my bi-weekly courseware review and update, I discovered that my heap spray script for Firefox 9 no longer works on recent versions. Looking back at the type of tricks I had to use to make a precise spray work under Firefox 9 and IE 9, and realizing that these changes […]
Donate
Your donation will help funding server hosting.
