Companies battle with users who download files from the Internet at work and then execute them. Unsuspicious files are often infected with malware. A common procedure to decrease the amount of infections is to block common bad file types (for example .exe, .scr or .zip), before the files can enter the internal network. The preconditions […]
As part of today’s monthly patch day, Microsoft fixed an issue I reported in September 2012 around (ASP).NET and SharePoint. The vulnerability opens a new type of attack surface on ASP.NET if a given precondition regarding the Viewstate field is met. The impact is at least a breach of data integrity on the server side resulting […]
Each year, the world renowned Royal Holloway University of London (RHUL) Information Security Group (ISG) invites potential, current and past students to join the weekend conference and meet with well regarded security researchers and experts from academia, UK government and the industries. Part of the tradition is to to have dinner at the wonderfull and […]
© 2024 Compass Security Blog