Exploit Development Class
Want to impress your friends, colleagues, girls, boys, employer, future employer? Want to become more attractive to the opposite sex? Want to make your past employer and/or ex-(girlfriend|boyfriend|spouse) jealous? Then you need to get dangerous and become awesome. We're run
Estimating Time
One of the developers here at Sourcefire, Andrew Williams, has written what we think is an interesting piece on Estimating Time for project planning. Take a look at it here: http://www.baltdad.com/2009/05/estimation/
Snort and Neural Networks
Jacson Rodrigues Correia da Silva just finished his bachelor's degree in computer science. As part of his final project, he came up with an implementation that allows you to use Snort with JavaNNS (see http://www.cis.cau.edu/675/javasnns.html). This means you could use Snort in
DoJoSec and dnssnarf
One of our IT guys (total security geek Christopher McBee) found some interesting information from last night's DoJoSec meeting. Here's what he has to say: During Sean Wilkerson's talk at last night's DojoSec meeting (http://www.dojosec.com), Sean discussed some simple op
Rule release for today - May 5th 2009
Adobe Reader Code Execution (CVE-2009-1492): The JavaScript API in Adobe Reader may allow a remote attacker to execute code on an affected system. The problem occurs when specially crafted JavaScript uses the getAnnots method in a PDF document. A rule to detect attacks targeting
Virut Analysis and Snort Rule
Virut (from virus + trojan) is a family of malware that has been around since about 2006. Unfortunately for us, it is still around 3 years later, with new variants being released on a regular basis. We came across a recent Virut sample (MD5:e68c4b9428f41036b1cf890d93bdf390) and t
Some days you just can't walk away.....
I apologize ahead of time for the marketing fluff in this post; I promise the next several posts after this will be much heavier on the tech and the cool. However, I just couldn't let this one go and neither could any of the Sourcefire VRT. Today we got an anonymous email wi
DoJoSec Meeting - May 7th
Here lie the details: http://www.dojosec.com/?p=109 A few of us are planning on attending the meeting; come and say hello. Also, from last month's meeting, our fearless leader and Senior Director of Chaos and Mayhem gave a talk that had something to do with PDFs and Adobe :
Rule release for today - April 21st 2009
A small set of new rules in today's release and a couple of modifications. Here are the highlights: Adobe Flash Player Buffer Overflow (CVE-2009-0520): Adobe Flash Player contains a programming error that may allow a remote attacker to execute code on a vulnerable system via