Showing 3 results for: September 2013 ×Security Research ×

ModSecurity for Java - BETA Testers Needed

Over the course of the summer of 2013, the ModSecurity team participated in Google's Summer of Code (GSoC) program through OWASP. We helped by mentoring Mihai Pitu who developed a port of ModSecurity for Java! The main problem this project...

Trust for Sale

Let's, for a moment, get into the mind of a cyber criminal: Say you have a malicious executable that steals sensitive data (credit card numbers, credentials, etc.), which you would like to execute on compromised computers. You put lots of...

Vino VNC Server Remote Persistent DoS Vulnerability

Last week, I was making some performance enhancements to the VNC protocol implementations in the TrustKeeper Scanning Engine. Unfortunately, in my mission to "Go Fast!", I managed to trigger a Denial of Service (DoS) vulnerability in Vino. Vino is the...