
New whitepaper on Vulnerability Research

A new whitepaper on Vulnerability Research has been added to the Services section of our website.

It features an introduction to our top-down research methodology and presents the key benefits of the census Vulnerability Research service.



New whitepaper on Security Testing

A new whitepaper on Security Testing has been added to the Services section of our website.

It features an introduction to aggressive security testing with the Tiger Team & Penetration Testing services, and presents the key benefits of the census Security Testing approach.



AthCon 2010 update

AthCon 2010 is now over and I must say that I’m really looking forward to next year’s event! Kudos to Christian, Kyprianos, Fotis, Chariton, Bernardo, Sandro, Iftach, Corrado, Rodrigo, Alberto and everyone else for making this such a great event!

The main theme of my presentation was “Context-keyed payload encoding”, a shellcode encoding technique that allows attackers to evade detection by NIDS that employ dynamic payload analysis.


FreeBSD kernel NFS client local vulnerabilities

census ID: census-2010-0001
CVE ID: CVE-2010-2020
Affected Products: FreeBSD 8.0-RELEASE, 7.3-RELEASE, 7.2-RELEASE
Class: Improper Input Validation (CWE-20)
Remote: No
Discovered by: Patroklos Argyroudis

We have discovered two improper input validation vulnerabilities in the FreeBSD kernel’s NFS client-side implementation (FreeBSD 8.0-RELEASE, 7.3-RELEASE and 7.2-RELEASE) that allow local unprivileged users to escalate their privileges, or to crash the system by performing a denial of service attack.


New partnership in Northern Europe

census will be joining forces with Online Systems Ltd. to offer specialised IT security services in the United Kingdom.

More details on this will follow soon.

New whitepaper on Digital Forensics

A new whitepaper on Digital Forensics has been added to the Services section of our website.

It features a gentle introduction to the field of digital investigations and presents the key benefits of the census Digital Forensics service.



Context-keyed Payload Encoding — AthCon 2010

census will be presenting “Context-keyed Payload Encoding: Fighting the Next Generation of IDS” at AthCon 2010. AthCon is a fresh IT security conference which will take place this summer in Greece! Our presentation will cover the latest in IDS evasion techniques for targeted shellcode and will feature new Metasploit modules implementing the presented techniques.

…you don’t want to miss out on this, so register now!



FreeBSD kernel exploitation mitigations

In my recent Black Hat Europe 2010 talk I gave an overview of the kernel exploitation prevention mechanisms that exist on FreeBSD. A few people at the conference have subsequently asked me to elaborate on the subject. In this post I will collect all the information from my talk and the various discussions I had in the Black Hat conference hallways.


Black Hat Europe 2010 update

Black Hat Europe 2010 is now over and, after a brief delay caused by the ash cloud, I am back in Greece. It has been a great conference, flawlessly organised and with many outstanding presentations. I would like to thank everyone who attended my presentation, and also all the kind people who spoke to me before and afterwards. I hope to meet all of you again at a future event.


Update on canary randomisation for hardened Linux applications

This article is a follow-up to our advisory from last year on canary randomisation for applications of the Debian distribution.

I was recently asked what the currently employed method is for canary randomisation in SSP-armoured Linux applications. I’ve been meaning to write an article on this for some time now, but didn’t have the necessary time. So here it is (albeit a little late).
