CERT/CC Blog

Vulnerability Insights

Latest Posts

Announcing the CERT Basic Fuzzing Framework 2.0

• CERT/CC Blog
Allen Householder

Version 2.0 of the CERT Basic Fuzzing Framework (BFF) made its debut on Valentine's Day at the 2011 CERT Vendor Meeting in San Francisco. This new edition has a lot of cool features that we'll be describing in more detail in future posts, but we wanted to let you know that it's available so that you can download and try it....

"Network Monitoring for Web-Based Threats" Released

• CERT/CC Blog
Sid Faber

The CERT Network Situational Awareness (NetSA) team has published an SEI technical report on monitoring web-based threats. The report draws on related work such as OWASP but comes from a different point of view. While OWASP is focused on developing web applications securely, this report focuses more on situations where you don't have that control, but you need to protect servers and clients from web-based threats. The report may help you answer the following...

Blog Reorganization

• CERT/CC Blog
Chad Dougherty

Hi, folks. As you can see, we've changed the name of the Vulnerability Analysis Blog to the CERT/CC Blog. With this name change, we're expanding the focus of the blog to include content from other technical teams. The current RSS and Atom feeds will continue to work, but you may want to update to the corresponding new feed location now (RSS, Atom) in order to avoid any problems in the future. Past blog entries will...

Study of Malicious Domain Names: TLD Distribution

• CERT/CC Blog
Chad Dougherty

Hello, folks. This post comes to you courtesy of Aaron Shelmire from the Network Situational Awareness team. Aaron writes: Recently the Network Situational Awareness team at CERT has been researching the characteristics of malicious network touchpoints. The findings of this initial research are very telling as to the true state of security on the internet....

CERT Basic Fuzzing Framework

• CERT/CC Blog
Will Dormann

Hi folks. I've been involved in a fuzzing effort at CERT. One of the ways that I've been able to discover vulnerabilities is through "dumb" or mutational fuzzing. We have developed a framework for performing automated dumb fuzzing. Today we are releasing a simplified version of automated dumb fuzzing, called the Basic Fuzzing Framework (BFF)....

Top-10 Top Level and Second Level Domains Found in Malicious Software

• CERT/CC Blog
Chad Dougherty

Hello folks. This post comes to you courtesy of Ed Stoner and Aaron Shelmire from the Network Situational Awareness group at CERT. They write: Recently there have been some statistics published on botnet Command & Control (C2) channels. These statistics claim that 94.58% of botnet C2 channels are under the .com top level domain (TLD). While it's impossible to accurately comment on those statistics without knowing the methodology used to arrive at them, we at...

Plain Text Email in Outlook Express

• CERT/CC Blog
Will Dormann

Reading email messages in plain text seems like a reasonable thing to do to improve the security of your email client. Plain text takes less processing than HTML, which should help minimize your attack surface, right? As it turns out, Outlook Express (and its derivatives) is doing more than you think when it is configured with the "Read all messages in plain text" option enabled....
