Saturday, April 28, 2012

MyAppSecurity's ThreatModeler

MyAppSecurity's Threat Modeler is far more comprehensive than Microsoft's.

Some of its features include:
  • Attack tree generation, which provides a visual representation of threats for a clearer analysis.
  • Automatically identify high value targets to ensure necessary security controls are put in place.
  • Centralized threat management to manage threats to your application, infrastructure, mobile devices, web services, etc.
  • Design and develop secure applications by enforcing secure architecture guidelines and secure coding standards including code snippets for various technologies.
  • Enforce secure deployment by providing secure hardening checklists for infrastructure components such as your database servers, web servers, host systems, etc.

Saturday, April 7, 2012

One reason why browser-based exploits win over Antivirus

As is widely known, malware authors can make use of SSL to bypass detection by proxy-based and host-based antivirus when delivering web-based malware. Unlike with HTTP, malware delivered via HTTPS with the aid of an anti-cache control header would never be saved to disk (which leaves it undetected by the on-access scanning mechanism of antivirus software) and could be run directly from browser memory.
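A defensive check for the delivery pattern described above, added here as an example and not part of the original post: it flags HTTPS responses that carry active content and forbid storage, working from the records of a TLS-inspecting proxy. The record layout, the content-type list and the sample data are assumptions made for illustration.

```python
# Added example; record layout and sample data are constructed for illustration.
ACTIVE_TYPES = {
    "application/x-shockwave-flash", "application/java-archive",
    "application/pdf", "application/octet-stream", "application/x-msdownload",
}

def cache_directives(headers):
    """Collect lower-cased directive names from Cache-Control and Pragma."""
    found = set()
    for name, value in headers.items():
        if name.lower() in ("cache-control", "pragma"):
            found.update(p.strip().split("=", 1)[0].lower() for p in value.split(","))
    return found

def disk_policy(headers):
    """Classify a response as 'no-store', 'no-cache' or 'cacheable'."""
    directives = cache_directives(headers)
    if "no-store" in directives:
        return "no-store"   # caches must not keep a copy at all
    if "no-cache" in directives:
        return "no-cache"   # may be stored, but must be revalidated before reuse
    return "cacheable"

def flag_records(records):
    """Return URLs of HTTPS active-content responses that forbid storage."""
    hits = []
    for rec in records:
        headers = {k.lower(): v for k, v in rec["headers"].items()}
        ctype = headers.get("content-type", "").split(";")[0].strip().lower()
        if (rec["url"].lower().startswith("https://")
                and ctype in ACTIVE_TYPES
                and disk_policy(headers) == "no-store"):
            hits.append(rec["url"])
    return hits

# Constructed records, as a TLS-inspecting proxy might log them.
SAMPLE = [
    {"url": "https://cdn.example.test/movie.swf",
     "headers": {"Content-Type": "application/x-shockwave-flash",
                 "Cache-Control": "no-store, no-cache, max-age=0"}},
    {"url": "https://docs.example.test/report.pdf",
     "headers": {"content-type": "application/pdf",
                 "Cache-Control": "private, max-age=3600"}},
    {"url": "http://plain.example.test/app.jar",
     "headers": {"Content-Type": "application/java-archive",
                 "Cache-Control": "no-store"}},
]
```

Only the first constructed record is flagged: the second is cacheable and the third is plain HTTP, where a proxy or on-access scanner can already see the payload.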

Anatomy of Mobile Attack

In courtesy of .  These attacks were briefly explained in the author's book, Android Forensics: Investigation, Analysis and Mobile Security for Google Android.

Friday, April 6, 2012

It took 11.2th version for Adobe Flash Player

It took until version 11.2 for Adobe Flash Player to implement secure automatic update to prevent users from being exploited.

All previous versions of the Updater program asked the user to install the update manually, which did not always guarantee that the update would actually be installed. It even offered users a "Don't remind me" feature. These factors may explain why Flash exploits have been among the top successful exploits in the black-market underground.


Past Flash Exploits

ID     Disc Date   Title
80707  2012-03-28  Adobe Flash Player / AIR NetStream Class Unspecified Memory Corruption
80706  2012-03-28  Adobe Flash Player / AIR Unspecified ActiveX Control URL Security Domain Checking Memory Corruption
79817  2012-03-05  Adobe Flash Player Matrix3D Unspecified Memory Corruption
79818  2012-03-05  Adobe Flash Player Unspecified Integer Errors Information Disclosure
79300  2012-02-15  Adobe Flash Player Unspecified Remote Memory Corruption
79296  2012-02-15  Adobe Flash Player Unspecified XSS

secure configurations for Laravel - The PHP Framework

This framework makes security simple to achieve.  Out of all non-default settings, the following few can be set to achieve higher secu...