Security Alerts & News
by Tymoteusz A. Góral

History
#1842 Buffer overflow explained
Ever heard of a buffalo overflow? Me neither. An information security officer (ISO) mentioned it to me once, and frankly I had to Google it. Apparently it’s related to an ancient Indian technique where hunters herded bison and drove them over a cliff, breaking their legs and rendering them immobile. Tribe members waiting below closed in with spears and bows to finish the kills. That's kinda cruel to be talking about. I think the ISO meant a buffer overflow though . That I can tell a thing or two about, so in this blog I will explain how a basic buffer overflow exploitation works.

A buffer overflow is an anomaly where a program, while writing data to a buffer, overruns the buffers boundary and overwrites adjacent memory locations. Writing data outside the allocated memory space boundaries may lead to a program crash and in some cases could even give an attacker the ability to change the program application flow. In this blog I will show how a mini-application, written in C, can run arbitrary code by making use of a buffer overflow. I will use Microsoft Visual Studio 2013 to debug the application and I'll use Windows 8 as a host operation system. Please note that this blog only serves to give a basic explanation, therefore some modern protection mechanisms against buffer overflow exploitations will be disabled. This makes it somewhat easier to illustrate the basic mechanisms.
Read more
#1846 IoT in 2017: Why usage is going to grow, despite the security risks
#1845 This Android-infecting Trojan malware uses your phone to attack your router
#1844 CNN uses screenshot from ‘Fallout 4’ to show how Russians hack things
#1843 The biggest security threats coming in 2017
#1842 Buffer overflow explained
#1841 Critical flaw in PHPMailer library puts millions of websites at risk
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12