Latest from CoreLabs

  • Home
  • Latest from CoreLabs

Read blog posts from CoreLabs, the research division of Core Security. CoreLabs prides itself on taking a holistic view of information security with a focus on developing solutions to complex, real-world security problems that affect our customers.

25

Sep

Bash Bug, Shellshock, CVE-2014-6271…

We can’t agree on a name, but we can agree it’s a big deal. What is this thing?Many are saying this vulnerability could be bigger than Heartbleed. From my perspective, Heartbleed was a bit more troubling due to the affected component and the massive…

Read More

24

Sep

For Skype and other affected applications: A workaround for "Embarcadero VCL Library Heap Overflow"

I've been thinking about the problems that occur when a new vulnerability appears, and how vendors and users react in these situations. In cases where a vulnerability is found in a specific program, the vendor is responsible for finding a fix and distributing the patched…

Read More

20

Aug

Our Latest Vulnerability Advisory: Delphi and C++ Builder VCL library Buffer Overflow

We've released a new vulnerability advisory. For those who aren’t familiar with Core Security’s advisories, this research is conducted by CoreLabs in an effort to expose security gaps before adversaries find them. Upon discovering a vulnerability, we work with the affected organization and…

Read More

25

Mar

MS14-006: "Microsoft Windows TCP IPv6 Denial of Service Vulnerability"

Hi everyone, I would like to make some comments about the Microsoft MS14-006 update. In the last February Patch Tuesday, Microsoft released a fix for the TCP Windows driver (tcpip.sys). According to the patch bulletin "https://technet.microsoft.com/en-us/security/bulletin/ms14-006" only Windows 8 and Windows 2012 were…

Read More

23

Jan

Introducing Sentinel, a 32-bit Anti-Exploit Tool From CoreLabs

In this blogpost I would like to introduce you to Sentinel, an anti-exploit tool, and share two demos with you. Sentinel is a 32-bit anti-exploit tool that I have been developing for some time which I presented in "Ekoparty" security conference at the end…

Read More

03

Dec

DOWN TO THE CORE: NOVEMBER 2013 IMPACT REPORT

 November efforts were mainly focused on delivering new exploits and updates to existing exploits and modules requested by customers while working on the release of CORE Impact 2014 R1. The main exploits & modules released during November are listed below: Updates for November 2013…

Read More

31

Jul

Looking at OWASP’s 2013 Web Vulnerabilities List - Guest Blog from InfoSec Institute

The following post, is a guest blog from Jonathan Lampe, from InfoSec Institute. The OWASP Top 10 list publicizes the most critical web application security flaws as determined by Open Web Application Security Project (OWASP), a nonprofit, vendor-independent IT security organization formed in…

Read More

25

Jun

The Un-Patched Windows Kernel 0-day

My name is Nicolas Economou  and I’m a specialist member on the Exploit Writing Team here at CORE Labs - specializing in Windows kernel exploitation. Today, I would like to say a few words about a 0-day published a month ago. On Friday, May…

Read More

14

Jun

The OWASP Top 10 2013 List Has Been Released

The OWASP (Open Web Application Security Project) is an open community dedicated to support the development and maintenance of secure Web Applications. The tools and documents offered by OWASP are very valuable for developers, QA folks, Security professionals, and anyone who takes Web…

Read More

01

Apr

MS13-017 - The harmless silent patch...

Hi, in this blog post I'm going to discuss a silent patch published by Microsoft on 12th February 2013 (http://technet.microsoft.com/en-us/security/bulletin/ms13-017). Even though this bug was patched the previous patch Tuesday, I think that it is interesting to analyze and show the relationship between…

Read More