TippingPoint Digital Vaccine Laboratories
DID YOU KNOW... DVLabs and our Zero Day Initiative were credited with discovering 17 Microsoft vulnerabilities in 2006 alone.

ARP spoofing for good (or evil)

Today, Pawel Pokrywka announced the release of Etherbat, a Linux application for mapping local networks. The cool part is that it does its magic through ARP spoofing. I have a soft spot for limited information network mapping and device identification, and this does both, which makes it cool++ in my book. I've long wondered what other practical effects you could achieve with ARP spoofing (aside from the obvious route poisoning). ...


ToorCon Seattle (Beta)

ToorCon Seattle (Beta) in Seattle was a new experiment by the ToorCon folks. It was essentially an informal and free invite-only conference, total attendance numbering around 150, with a single track of speakers each having 20 minutes to speak on their current (and potentially in-progress) research. The format was very similar to the format that the AHA! meetings take, so I was right at home speaking there. Th ...


BlueHat v5

BlueHat v5, held at the Microsoft campus in Redmond, is Microsoft's own little hacker conference. It's an invite only conference, however I was able to get an invite through a colleague. Normally I wouldn't be interested in a Microsoft-centric security conference, as the large majority of my research targets have nothing to do with Microsoft products, but I was going to be in town during BlueHat anyway due to a sm ...


Not Worthy of Assassination

My 15 minutes continues to count down as my second appearance as a security expert on local TV news aired last week. The news? There isn't really a turncoat hitman after you. Sorry to burst your bubble, but you're just not that important enough to extort or kill. :) ...


Microsoft Black Tuesday May 2007

We just released a Digital Vaccine to our customers that includes vulnerability filters that protect against exploitation all of today's new vulnerabilities announced by Microsoft. In my mind, I compare the "Microsoft Tuesday" monster to the sea monster in Ray Bradbury's story "The Fog Horn" from my high school English textbook. This monster lurks its head the second Tuesday of every month. Here is a releva ...


Apple issues patch for QuickTime flaw

Tuesday Apple released an update for the (now) famous QuickTime flaw which emerged as part of the "PWN_2_OWN" AKA "Hack A Mac" challenge up at CanSecWest. Our advisory is here. The controversial outcome of this particular contest has made great fodder for speculation, conspiracy theory ...


Pin Pointing Stack Smashes

Tracking down stack overflows is tedious work. Especially when the entire stack is blown away leaving you with crash dumps like the excerpt following this paragraph. This crash dump is from an actual process in case you are curious. Specifically, it is from one of the bugs detailed in TPTI-07-02: Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities. It's pretty obvious that it's game over for our target here. The impo ...


Hello World

After much tedious web development, we're excited to finally unveil our security research portal, dedicated to showcasing the ongoing research efforts of DVLabs. This site houses our vulnerability advisories, conference appearances, open-source project contributions, and personal blogs. More to come, stay tuned! -dave ...