SecureWorks Research Feed
http://www.secureworks.com/research/
Blog posts and Threat Analyses from the SecureWorks Research Team.

Blog: The Race to Zero
http://www.secureworks.com/research/blog/index.php/2008/05/06/the-race-to-zero
There has been a fair amount of controversy as of late surrounding The Race to Zero contest to be unofficially held at DEFCON 16 this coming August. To briefly summarize, contestants are to be given samples of computer viruses/malware and access to a contest portal.
http://www.secureworks.com/research/blog/?p=89

Threat Analysis: Top Spam Botnets Exposed
http://www.secureworks.com/research/threats/topbotnets

Blog: Jon Ramsey on RSA
http://www.secureworks.com/research/blog/index.php/2008/04/18/jon-ramsey-on-rsa
Last week I attended the RSA Conference, the largest information security conference in the world. Alan Turing was the conference mascot and the question "what would Turing do" was frequently asked. Turing was a brilliant computer scientist, considered the father of modern computing, capable of seeing the math in everything and envisioned an age when machines would be as intelligent as humans.
http://www.secureworks.com/research/blog/?p=87

Threat Analysis: SecureWorks Reports Hackers Use Banking Digital Certificates to Scam Financial Customers in US, Europe, Australia and New Zealand
http://www.secureworks.com/research/threats/certificateattacks

Blog: Speaking in Atlanta at Outerz0ne 4
http://www.secureworks.com/research/blog/index.php/2008/03/20/speaking-in-atlanta-at-outerz0ne
For any of you that will be in the Atlanta area, I encourage you to come down to the Outerz0ne 4 security conference this weekend. It's my first time attending Outerz0ne, but I'm told it has a great small conference atmosphere and plenty of end-of-day revelry. This year's collection of talks looks to be the strongest yet.
http://www.secureworks.com/research/blog/index.php/2008/03/20/speaking-in-atlanta-at-outerz0ne-4/

Threat Analysis: Hacker Attacks Targeting Healthcare Organizations increase 85% from Feb '07 thru Jan. '08
http://www.secureworks.com/research/threats/healthcareattacks

Blog: JavaScript Considered Harmful
http://www.secureworks.com/research/blog/index.php/2008/03/07/javascript-considered-harmful
There is an old saying that says, "To survive a bear attack you don't have to outrun the bear, you just have to outrun your friend." This analogy can also be applied, to some degree, to the Internet as well. In some instances, you don't have to completely secure yourself from hackers, you just have to be more secure than the next organization. Hackers go after low hanging fruit because it gives the most bang for their buck. This year it appears that client side attacks represent that low hanging fruit. The modern web browser is an incredible, complicated piece of software with a large attack surface.
http://www.secureworks.com/research/blog/index.php/2008/03/07/javascript-considered-harmful-or-how-i-learned-to-stop-worrying-and-love-noscript-by-hunter-king-security-researcher-with-the-secureworks-counter-threat-unit%e2%84%a2/

Threat Analysis: Ozdok/Mega-D Trojan Analysis
http://www.secureworks.com/research/threats/ozdok

Blog: Character Encoding Issues
http://www.secureworks.com/research/blog/index.php/2008/03/04/character-encoding-issues
Recently, Core Security announced a vulnerability in VMware Workstation (Server and ESX are unaffected) that allows a guest operating system to break out of its virtualized environment and interact with the host operating systems. They discovered it was possible to break out of the virtualized environment by using a directory traversal attack on a shared folder designed to allow data to be passed between the guest operating system(s) and the host operating system.
http://www.secureworks.com/research/blog/index.php/2008/03/04/character-encoding-issues/

Threat Analysis: The Packer 2.0 Threat
http://www.secureworks.com/research/threats/thepacker

Blog: Transparency and Security
http://www.secureworks.com/research/blog/index.php/2008/02/26/transparency-and-security
Last week something very interesting happened in the IT world. Microsoft made a pledge to open up many of the APIs and communication protocols that are used in the Windows OS, SQL Server, Office file formats, Exchange, and others. If this holds true, it marks a big change in the way that they've protected their internal data, and that is going to create a big stir throughout the IT industry. But, the stir is going to mean different things to different people.
http://www.secureworks.com/research/blog/index.php/2008/02/26/transparency-and-security/

Threat Analysis: SecureWorks Discovers Protection Against Massive Website Attack Infecting 10,000 Linux/Apache Servers
http://www.secureworks.com/research/threats/linuxservers

Blog: Linux Kernel Vmsplice Vulnerability
http://www.secureworks.com/research/blog/index.php/2008/02/20/linux-kernel-vmsplice-vulnerability
http://www.secureworks.com/research/blog/index.php/2008/02/20/linux-kernel-vmsplice-vulnerability/

Threat Analysis: Pushdo - Analysis of a Modern Malware Distribution System
http://www.secureworks.com/research/threats/pushdo