Hackers are developing new software that will help hide browser attack code from some types of security software.
The software, called VoMM (eVade o’ Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognizable to some types of antivirus software.
Using these techniques, VoMM “can create an endless [...]
Get ready for a complete month of fun with H D Moore’s Month of Browser Bugs.
Quoting from Browser Fun blog:
This blog will serve as a dumping ground for browser-based security research and vulnerability disclosure. To kick off this blog, we are announcing the Month of Browser Bugs (MoBB), where we will publish a new browser [...]
Internet Storm Center’s always informative Diary has some good information.
At the urging of Handler Extraordinaire Kyle Haugsness, I tested the sploit on a box with software-based DEP and DropMyRights… here are the results:
Software-based DEP protecting core Windows programs: sploit worked
Software-based DEP protecting all programs: sploit worked
DropMyRights, config’ed to allow IE to run (weakest form of [...]
