TippingPoint Digital Vaccine Laboratories
DID YOU KNOW... In December of 2007, Microsoft released seven security bulletins which fixed 11 new security vulnerabilities. TippingPoint and ZDI were credited with discovering a total of four of those vulnerabilities.

TippingPoint Conficker Update

Greetings, we are still working hard to finalize our coverage against the C variant of Conficker. Expect a DV update on Monday or Tuesday at the latest. Systems infected with the C variant are setup to start receiving commands next week on April 1st. So far no one knows the intention of the creators of this botnet, which is making everyone nervous because of the large number of infected hosts. For those who are interested, we have identified 562,229 individual infections with ...


Pwn2Own IE8 Exploit foiled: Is the browser finally secure?

We’ve seen a lot of questions and speculation regarding the winning pwn2own IE8 vulnerability and exploit demonstrated by the artist known only as “Nils”.   As always, we will not discuss a vulnerability before the vendor has a solution.  This is to make sure consumers aren’t inadvertently put at risk from the issue.   ...


MindshaRE: MSEC !exploitable

Amongst the talks on Laser Snooping, Mac Hacking, MD5 collisions, and contest like the Pwn2Own at last weeks CanSecWest security conference was a presentation by Microsoft engineers Jason Shirk & Dave Weinstein titled "Automated Real-time and Post Mortem Security Crash Analysis and Categorization". The presenters unve ...


Pwn2Own Wrap Up

We are all wrapped up from this years CanSecWest and pwn2own contest, and again it was a great conference, and a successful competition. The contest uncovered 4 new and unique critical vulnerabilities affecting the latest and greatest versions of IE, Safari and FireFox. The Chrome browser gets a small nod for being impacted by one of the flaws, although exploit is not possible using any current known techniques. I’m sure they’ll get it fixed up just the same. ...


Pwn2Own Day 2

The 3rd annual Pwn2Own contest kicked off its second day today at CanSecWest this morning.  If you missed it, check out yesterday's browser carnage (with pics).Today, any contestant could attempt to break int ...


Pwn2Own 2009 Day 1 - Safari, Internet Explorer, and Firefox Taken Down by Four Zero-Day Exploits

The 3rd annual Pwn2Own contest kicked off today at CanSecWest around 3:00pm PST. For the first time, we had so many people register for the contest that we had to draw names from a hat- literally! In typical techie format, Aaron wanted to take a moment and write a quick program to randomly select order- but I stopped that non ...


Line Noise

CanSecWest is going on, SxSW is happening (and DoSing my cell phone) and you are stuck inside reading Line Noise. This is a short one, so you can get back to relentlessly watching your Twitter feed.First up, Microsoft announced that the Web Sandbox source code will be ...


Reverse Engineering iPhone AppStore Binaries

I recently had the need to audit an iPhone application I purchased through the AppStore and quickly came to discover that getting started takes a bit more effort then simply dragging and dropping into IDA. I'm certainly not the first person to have done so, or documented the process, but when faced with a new challenge I like to figure it out the hard way at first, to better understand the fine details. This blog entry details how to get an application into a reversable state.


MindshaRE: Labeling UUIDS From Type Information

COM and Windows are a special marriage. One of destitution and frustration when reverse engineering. So we try everything we can to make reversing COM as easy of a process as possible. One of these tricks is labeling what we know, or can glean, from the binary we are interested in. Today, I will show you how to easily label UUIDS contained in type information.MindshaRE is our weekly look at some simple reverse engineer ...