FireEye Blog

Threat Research, Analysis, and Mitigation

1996人订阅
Fuzzing Image Parsing in Windows, Part One: Color Profiles Image parsing and rendering are basic features of any modern operating system (OS). Image parsing is an easily accessible attack surface, and a vulnerability that may lead to remote code execution or information disclosure in such a feature is valuable to attackers. In this multi-part blog series, I am reviewing Windows OS’ built-in image parsers and related file formats: specifically looking at creating a harness, hunting for corpus and fuzzing to find vulnerabilities. In part one of this series I am looking at color profiles—not an image format itself, but something whi...
A "DFUR-ent" Perspective on Threat Modeling and Application Log Forensic Analysis Many organizations operating in e-commerce, hospitality, healthcare, managed services, and other service industries rely on web applications. And buried within the application logs may be the potential discovery of fraudulent use and/or compromise! But, let's face it, finding evil in application logs can be difficult and overwhelming for a few reasons, including: The wide variety of web applications with unique functionality The lack of a standard logging format Logging formats that were designed for troubleshooting application issues and not security investigations The n...