- tl;dr sec
- Archive
- Page 25
Archive
SummarySummary
SummarySummary
Behind the Scenes: Securing In-House Execution of Unsafe Third-Party Executables
Many companies rely on third-party native executables for functionality like image and video processing. However, many of these tools are written in C or C++ and were not designed with security in mind. When a malicious user uploads a specially crafted file, it can lead to arbitrary command execution via a buffer overflow or command injection, arbitrary file read or write, and other bad outcomes.
Clint Gibler
SummarySummary
Browser fingerprints for a more secure web
This talk describes how Salesforce uses browser fingerprinting to protect users from having their accounts compromised. Their goal is to detect sessions being stolen, including by malware running on the same device as the victim (and thus has the same IP address).
Clint Gibler
SummarySummary
SummarySummary
SummarySummary