download issue 24 here - Help Net Security

More documents

Recommendations

Info

A less restrictive JavaScript protection technique is to use the JavaScript BlackList Framework. This new feature allows you to leave support for JavaScript enabled, but to blacklist vulnerable JavaScript API functions. For example, to protect Adobe Reader from the 0-day in JavaScript API function Conclusion This article features several techniques to protect vulnerable office applications from exploitation by malicious documents. For step-by-step instructions on how to implement these techniques, visit my blog and DocMedia.newPlayer, you need to add this function to registry value tBlackList. By doing so, JavaScripts using this function will be interrupted when the vulnerable function is called inside the script. The user will see a warning, but he will not have the option to allow the function call to go through. select the PDF category: blog.didierstevens.com/category/pdf Keep in mind that these techniques work with current “in the wild” malware because we mitigate the tactics used by malware authors, but that this is an arms race and that evolving tactics require evolving protection measures. Didier Stevens (CISSP, GSSP-C, MCSD .NET, MCSE/Security, RHCT) is an IT Security Consultant currently working at a large Belgian financial corporation. He is employed by Contraste Europe NV, an IT Consulting Services company (www.contraste.com). You can find open source security tools on his IT security related blog at blog.DidierStevens.com. www.insecuremag.com 42
Here are some of the Twitter feeds we follow closely and can recommend to anyone interested in learning more about security, as well as engaging in interesting conversations on the subject. If you want to suggest an account to be added to this list, send a message to @helpnetsecurity on Twitter. Our favorites for this issue are: @IBMFedCyber Chris Ensey - Principal Security Strategist for IBM Federal. http://twitter.com/IBMFedCyber @wikidsystems Nick Owen - CEO of WiKID Systems. http://twitter.com/wikidsystems @paperghost Chris Boyd - Internet security guy. http://twitter.com/paperghost @mikkohypponen Mikko H. Hypponen - CRO at F-Secure. http://twitter.com/mikkohypponen www.insecuremag.com 43
Page 5 and 6: 25 million new malware strains in o
Page 7 and 8: Google hacked, plans to leave China
Page 9 and 10: Hacker attacks on healthcare organi
Page 11 and 12: Even though most standard stacks us
Page 13: Server support still missing Unfort
Page 16 and 17: What are these new approaches? Let
Page 18 and 19: The need for new security controls
Page 21 and 22: How many times have you, as a secur
Page 23 and 24: 1Password interface Although this i
Page 25 and 26: The option “Never prompt for mast
Page 27 and 28: The master password on the iPhone a
Page 29 and 30: Identifying those applications is n
Page 31: The single tool trap Scanning tools
Page 34 and 35: Cloud Security and Privacy By Tim M
Page 36: Spam and phishing scams will follow
Page 39 and 40: This infection method only works if
Page 41: Hook-createprocess.dll is a DLL tha
Page 46 and 47: organizations the tools they need t
Page 48: This is not unlike other business o
Page 52 and 53: acronyms without researching their
Page 54 and 55: process of calculation the answer.
Page 57 and 58: In any environment, large or small,
Page 59 and 60: Remoted (running on the server) rec
Page 61 and 62: alpha group alpha events 10000 Ch
Page 63: RSA Conference 2010 (www.bit.ly/rsa
Page 66: And most of the time, they fail bec
Page 69 and 70: We are also working with SANS on de
Page 71 and 72: There are three components involved
Page 73 and 74: " • Support for health checks by
Page 76 and 77: Sectool (www.net-security.org/softw
Page 78 and 79: To achieve this, retailers must shi

download issue 24 here - Help Net Security

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?