CERT/CC Blog

Vulnerability Insights

Latest Posts

One Weird Trick for Finding More Crashes

• CERT/CC Blog
Will Dormann

Hi folks. It's Will Dormann from the CERT Vulnerability Analysis team. Today we're announcing the release of updates to both of our fuzzing tools, the CERT Basic Fuzzing Framework (BFF) version 2.7 and the CERT Failure Observation Engine (FOE) version 2.1. In this blog entry I will describe some of the major changes with these tools....

Practical Math for Your Security Operations - Part 2 of 3

• CERT/CC Blog
Vijay Sarvepalli

Hi, this is Vijay Sarvepalli, Security Solutions Engineer in the CERT Division again. In my earlier blog post, I offered some ideas for applying set theory in your SOC (Security Operations Center). This time I introduce you to statistics, specifically standard deviation. Mathematical terms such as standard deviation can seem mysterious for daily security operations. However, I've provided some simple examples to help you analyze network security data using this measurement....

Mining Ubuntu for Interesting Fuzz Targets

• CERT/CC Blog
Jonathan Foote

Hello, Jonathan Foote here. In this post I'll explain how to use information from databases in stock Ubuntu systems to gather the parameters needed to perform corpus distillation (gathering of seed inputs) and fuzzing against the installed default file type handlers in Ubuntu Desktop 12.04. This technique applies to most modern versions of Ubuntu....

Domains That Are Typos of Other Domains

• CERT/CC Blog
Jonathan Spring

Hello, this is Jonathan Spring. I've been investigating the usage of domains that are typos of other domains. For example, foogle.com is a typo of google.com, and it's a common one since 'f' is next to 'g' on the standard keyboard. The existing hypothesis has been that typo domains would be used for malicious purposes. Users would commonly mistype the domain they are going to, and some of the less scrupulous domain owners could take...

Practical Math for Your Security Operations - Part 1 of 3

• CERT/CC Blog
Vijay Sarvepalli

Hi, this is Vijay Sarvepalli, Security Solutions Engineer in the CERT Division. Mathematics is part of your daily tasks if you're a security analyst. In this blog post series, I'll explore some practical uses of math in your SOC (Security Operations Center). This pragmatic approach will hopefully help enhance your use of mathematics for network security....

A ccTLD Case Study: .tv

• CERT/CC Blog
Leigh Metcalf

Hello, this is Leigh Metcalf and Jonathan Spring. In this post, we first examine some of the usage patterns in the .tv top-level DNS zone via passive DNS. In the second half of the post, we explore the economic importance of the .tv domain to its owner, the small South Pacific island nation of Tuvalu. Combining these two analyses, it seems that suspicious domain names could be one of Tuvalu's more valuable exports....
