Entries by 'Will Dormann'

Hacking the CERT FOE

CERT No Comments »

By Will Dormann
Senior Member of the Technical Staff
CERT Vulnerability Analysis Team

Will DormannOccasionally this blog will highlight different posts from the SEI blogosphere. Today we are highlighting a recent post by Will Dormann, a senior member of the technical staff in the SEI’s CERT Division, from the CERT/CC Blog. In this post, Dormann describes how to modify the CERT Failure Observation Engine (FOE),when he encounters apps that “don’t play well” with the FOE. The FOE is a software testing tool that finds defects in applications running on the Windows platform.

Read more...

Vulnerabilities and Attack Vectors

CERT No Comments »

By Will Dormann
Senior Member of the Technical Staff
CERT Vulnerability Analysis Team

Will DormannOccasionally this blog will highlight different posts from the SEI blogosphere. Today we are highlighting a recent post by Will Dormann, a senior member of the technical staff in the SEI’s CERT Division, from the CERT/CC  Blog. This post describes a few of the more interesting cases that Dormann has encountered in his work investigating attack vectors for potential vulnerabilities. An attack vector is the method that malicious code uses to propagate itself or infect a computer to deliver a payload or harmful outcome by exploiting system vulnerabilities.

Read more...

Don’t Sign that Applet!

CERT 1 Comment »

By Will Dormann
Senior Member of the Technical Staff
CERT

Will DoormanOccasionally this blog will highlight different posts from the SEI blogosphere. Today’s post by Will Dormann, a senior member of the technical staff in the SEI’s CERT Program, is from the CERT/CC (Coordination Center) blog. This post explores Dormann’s investigation into the state of signed Java applet security.

Read more...