SEI Insights

Authors

Will Dormann

Posts by Will

 Instant KARMA Might Still Get You

 The Risks of Disabling the Windows UAC

 The Risks of SSL Inspection

 Vulnerabilities and Attack Vectors

 Finding Android SSL Vulnerabilities with CERT Tapioca

 Announcing CERT Tapioca for MITM Analysis

 Bundled Software and Attack Surface

 Heartbleed: Q&A

 Taking Control of Linux Exploit Mitigations

 Differences Between ASLR on Windows and Linux

 Feeling Insecure? Blame Your Parent!

 Hacking the CERT FOE

 Hacking the CERT FOE

 BFF 2.7 on OS X Mavericks

 Vulnerabilities and Attack Vectors

 Signed Java Applet Security Improvements

 One Weird Trick for Finding More Crashes

 Forensics Software and Oracle Outside In

 The Risks of Microsoft Exchange Features that Use Oracle Outside In

 Don't Sign that Applet!

 Don't Sign that Applet!

 AMD Video Drivers Prevent the Use of the Most Secure Setting for Microsoft's Exploit Mitigation Experience Toolkit (EMET)

 Signed Java and Cisco AnyConnect

 Effectiveness of Microsoft Office File Validation

 A Security Comparison: Microsoft Office vs. Oracle Openoffice

 CERT Basic Fuzzing Framework Update

 CERT Basic Fuzzing Framework

 Plain Text Email in Outlook Express

 Internet Explorer Kill-Bits

 Vulnerabilities and Attack Surface

 Release of Dranzer ActiveX Fuzzing Tool

 Windows Installer Application Resiliency

 Internet Explorer Vulnerability Attack Vectors

 Reference Implementations for Securing Your Web Browser Guidelines

 Reported Vulnerability in CERT Secure Coding Standards Website

 Carpet Bombing and Directory Poisoning

 ActiveX Vulnerability Discovery at the CERT/CC

 Signed Java Applet Security: Worse than ActiveX?

 Is Your Adobe Flash Player Updated?

 The Dangers of Windows AutoRun


Other Publications

Visit the SEI Digital Library for other publications by Will