TippingPoint Digital Vaccine Laboratories
DID YOU KNOW... At the 2007 Black Hat Briefings in Las Vegas, TippingPoint DVLabs had five speakers presenting on a variety of topics.

Decoding the World... of Warcraft.

Understanding the structure of protocols is essential to being able to identify potential problems or suspicious activity. But how does one confidently identify a protocol when there is no documentation or obvious signs? This is the challenge for us when creating our gaming filters. Gaming protocols are unique, proprietary protocols with zero documentation. In this blog entry, I will dissect the first packet in the authentication session for the popular MMO game "World of Warcraft". ...


XPI: The next malware vector?

"Browser Update Required! Oh noes!" I recently came across yet another malware page posing as an eBay login page. The page informs the user with big scary language that a "required update" is needed to view the page, then proceeds to inform the user in large friendly letters "Do this to install the required update" through the use of a Flash applet. The "required update" is actually a key logger that hides in the background and watches where you surf and what you type. ...


Everything Old is New Again!

I've often been told that I was born thirty years too late. I hold an unhealthy fascination with the early history of electronic computing (along with computing esoterica in general). If you need someone who can tell you how to work with RDOS on the Nova or need a quick multiplication routine written for the 6502, I'm your man. Plus, I keep telling those young whippersna ...


pun topic='safari on windows' level='clever'

Apple released a public beta of its Safari browser for Microsoft Windows a couple of days ago. Despite the unspeakable joy of being able to use my favorite web browser on my least-favorite operating system, there was still a bit of apprehension. Several attacks, including at least one public remote command execution vulnerability, were discovered on the very first day of release. While most of the "attacks" are simple denials of service, the remote command execution vulnerability is a horse o ...