• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Focus On: Vista
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns

Security Blogs: Matasano (Page 1 of 1)  

Race To Zero: It's Not A Contest, It's A Protest
Matasano - By: Dave G., 2008-05-05
This contest isn’t a contest. This contest is a protest. It is a protest against the fact that there is simply not enough innovation in the anti-malware space.

BlackBag 0.9.1 - New link and minor fixes
Matasano - By: Eric Monti, 2008-05-01
Black Bag gets reposted and a minor update.

Retsaot is Toaster, Reversed: Quick'n Dirty Firmware Reversing
Matasano - By: Eric Monti, 2008-04-29
Some interesting challenges and discoveries from reverse engineering embedded systems.

Coverage: Don't Believe The Hype
Matasano - By: Dave G., 2008-04-23
Measuring this stuff is hard, and the amount of time to do it in a credible way is probably best spent on actually testing more.

Defense in Depth, Reconsidered: Is Information Security Anything Like War?
Matasano - By: Thomas Ptacek, 2008-04-21
Despite repeated assertion, I am dubious about the standing of “defense in depth” as a core principal for security design.

Introduced: A resolution resolving the semantic quarrel over malloc checking.
Matasano - By: Thomas Ptacek, 2008-04-18
LeBlanc is right. I am wrong. “Not checking” is bad.

Why Injectable Virtual Machines?
Matasano - By: wbrown, 2008-04-17
This post should hopefully help provide more context for the readers to understand the raison d’etre behind injectable virtual machines and my research.

Dowd's Flash Report: What Have We Learned?
Matasano - By: Thomas Ptacek, 2008-04-15
How nasty is the Flash vulnerability Dowd found? Combined with any DNS vulnerability or any high-profile cross-site scripting vulnerability, the weaponized version of this attack would probably clock in at tens of thousands of compromised browsers per minute.

This New Vulnerability: Dowd's Inhuman Flash Exploit
Matasano - By: Thomas Ptacek, 2008-04-15
Reliable Flash vulnerabilities are catastrophes. In 2008, we have lots of different browsers. We have different versions of the OS, and we have Mac users. But only one Flash vendor, and Mark Dowd has the goods.

Cigital Ponders: Is Penetration Testing Security Testing?
Matasano - By: Dave G., 2008-04-09
My initial response was: duhhhhhhhh. My second response was: uhm yes. My third response was: Maybe I should read past the subject before I respond.