Posts by chad

3 min Exploits

If you lived here, you'd be home now - thoughts on an IE 0-day

Growing up around Boston, I remember seeing the famous billboards for the Charles River Park apartments: "If You Lived Here, You'd Be Home Now".  These signs were placed strategically, almost sadistically, on Storrow Drive where they were seen every day by the thousands of motorists trapped in rush hour gridlock. This morning, as IT departments scrambled to react to the Internet Explorer 0day vulnerability, I couldn't help but think about that devilish piece of advertising. This critical vuln

3 min Microsoft

Microsoft EMET 4.0 might be the best enterprise security tool you're not using yet

Cross-posted from dangerous.net [http://blog.dangerous.net/2013/04/microsofts-emet-40-free-enterprise.html] Last week Microsoft announced [http://blogs.technet.com/b/srd/archive/2013/04/18/introducing-emet-v4-beta.aspx] their 4.0 beta release of EMET (Enhanced Mitigation Experience Toolkit). If you are responsible for securing Windows systems, you should definitely be looking at this free tool if you haven't already. EMET is a toolkit provided by Microsoft to configure security controls on Wi

12 min

Dangerous Things #1: Interview with Dan Guido, co-founder of Trail of Bits

Having been involved in information security for the last 15 years, I've had the opportunity to meet some really amazing people and to view the industry through their eyes. I've been toying with the idea of a blog series where I interview some of the people I've had the privilege to meet, and hopefully to introduce some of my readers to the awesome research that's being done. I've decided to call the blog series "Dangerous Things", which is a reference to the fact that so many of us in this indu